From f99157c2f000740f228dd0fc592c28715212dbd5 Mon Sep 17 00:00:00 2001 From: jamesfalkner Date: Mon, 15 Jul 2019 13:16:49 -0400 Subject: [PATCH] security --- docs/_modules.yml | 4 +- docs/_workshop.yml | 3 +- docs/deploy.adoc | 4 +- docs/extra.adoc | 2 - docs/images/secapis.png | Bin 0 -> 200773 bytes docs/security.adoc | 339 ++++---- files/quarkus-realm.json | 1619 ++++++++++++++++++++++++++++++++++++++ setup/preparelab.sh | 13 +- 8 files changed, 1834 insertions(+), 150 deletions(-) delete mode 100644 docs/extra.adoc create mode 100644 docs/images/secapis.png create mode 100644 files/quarkus-realm.json diff --git a/docs/_modules.yml b/docs/_modules.yml index bd0caad..8d5aabc 100644 --- a/docs/_modules.yml +++ b/docs/_modules.yml @@ -30,6 +30,4 @@ modules: tracing: name: Tracing Quarkus Apps security: - name: Securing Resources with Keycloak - extra: - name: Extra Credit \ No newline at end of file + name: Securing Quarkus APIs \ No newline at end of file diff --git a/docs/_workshop.yml b/docs/_workshop.yml index f0c2dde..db298a9 100644 --- a/docs/_workshop.yml +++ b/docs/_workshop.yml @@ -27,5 +27,4 @@ modules: - kafka - monitoring - tracing - - security - - extra \ No newline at end of file + - security \ No newline at end of file diff --git a/docs/deploy.adoc b/docs/deploy.adoc index d3d05ee..acbc1d9 100644 --- a/docs/deploy.adoc +++ b/docs/deploy.adoc @@ -156,8 +156,8 @@ Earlier you implemented a series of MicroProfile health checks. To make OpenShif [source,sh,role="copypaste"] ---- -oc set probe dc/people --readiness --get-url=http://:8080/health/ready -oc set probe dc/people --liveness --get-url=http://:8080/health/live +oc set probe dc/people --readiness --initial-delay-seconds=30 --get-url=http://:8080/health/ready +oc set probe dc/people --liveness --initial-delay-seconds=30 --get-url=http://:8080/health/live ---- This configures both a _readiness_ probe (is the app initialized and ready to serve requests?) and a _liveness_ probe (is the app still up and ready to serve requests) with default timeouts. OpenShift will not route any traffic to pods that don't respond successfully to these probes. By editing these, it will trigger a new deployment so make sure the app comes up with its new probes in place: diff --git a/docs/extra.adoc b/docs/extra.adoc deleted file mode 100644 index da3a62a..0000000 --- a/docs/extra.adoc +++ /dev/null @@ -1,2 +0,0 @@ -## Extra Credit - diff --git a/docs/images/secapis.png b/docs/images/secapis.png new file mode 100644 index 0000000000000000000000000000000000000000..600add73aef2534a9a476c40e7d0aca4f588a2c5 GIT binary patch literal 200773 zcmeFYWmud|wk}L?w-8)|yF+mI;O@a`+}$;}y9W*K?gV#tcWd13>vv|Kvu9?%=g0Sd zb3OFcU0$nJRjqa3>j_hklR$#Ug$DxzLz0pdRRRNp_5uR~2ZMzMrIgI|+JJ!}N&`eh z6r@B%h!q@cO#xOWU|^DAN$M~f%EOr1+DcO9{t5*_8=}-Rg+WtaVI{v<1(C%n7=DNS z>Vl~WwaD-_xALg;XGA4bY{RcgXT`I(yq_Z@ts2#N*A!3-^A{Zt9XH;N7dfnluf@i| z4py+Ex$A-%UKK1qFDZXI5|%`EX8J6#6L8pWKeTGdY~D_tk?5G1PYNNxk3`PJJoZG| zO6f}5!;i8fxF839FiGA&Y2aJ}L_2R_TZLY~%fY~YG0v@y(Z$kS8UI8wW)k{YD4kg` z0Q&enph}Zb0Ezsk4UBl!jaQQcY=vH7l4j3Lgz!8AwM`1r5Dtvn_-Ekb*KDvIs-F@E zhw|!%<}moIU0cKNFlGl#lrbrMk@F2DLHHEOGB<8@?~^XCw!@Rki2c=}ffVs#K(8nx|+}cp=!f*`5VGGZ>NXEnN>`xSbY{2z2*#4NJN=RNC z8nHc((b+>{88!<~eYO9@DYe_CL4_heXSXm?MEM74n+_+m;>vn&Sj9f+p7Kk}uocpW zY+NkQpO03J#Kh7GoP5l1WkZsMkW}hP*+{k3AC3KA<<4TGzQ^T`ZDJbw=8>_ejK|21 z$BU7fpP4*e=Xuohe`V%W3oJtrl~Tmb*7eG!@iqFX9fa<3jT)oC&um(P>CZ%`qs!wW zMJ2T`7vU_8ApDuFld;hK3fD7}W-LPGq=JMa0gJ-I>naz#nRx!yt-PL?Un+|-JFO27 zt7-y<5uDi%q8AK-YHJ8`RtOoj>4D>+SN|jpwi|*a7AdG(H6Q0%QgvK%iyaLkP=Ev- z{Ha>M#6k@gKJR_DTFu)TO0#rXI7x!R4bh(eC$#%zlkh${PINLjp-|Lg#*tU5B_aMu zi>?IJf+LchUoOIUouW=0@q;`!!%&|na9uShSu zFy;0Fn|;_>nTN&?-lHJ2uWamQKANmHD4HFY3cRS-A~u;}8Q|((h>?E=0u8JfOZLrK z)YU%N9|SBOf1Tp;gyTUKVk-($MeBQ7@K|~x)lqpqn}p7_m?A$UvGU$Hdre?vVRn1o zE+#J-S`oS6@kqN@A&H>fj=>$iwsU-d5PTv~>?+b@R^5aNatGS# z4qJkOLj?u~hQ2TKcbj>9d<83s`B>n>_pgE=1)EU0{8B62fUK?u>j&?&_1OfR&JW2h z=*|ty78Oib@EbPFjv%@ugt9@3m>u6}_je{3I!KdT@NzIqA@(K6Mn8frvuZ51K#{F) zk4Tv?Dc$ULFqPRhmx#CioIk*XP|<}Yuz$iChAojW{Dj$wfF#+LM2z<wYvtFTG+fn zlm_i}Q>=(TXHa3(?0y&S!tdZ{1ToIh`%hKW*4`yWB%46qp@+jH1c+e6rMUSZb+E{UB{ z#z|6;VJQ()NB<%H5<4P!D%B<_A(bMvUf^m>UrW9mh%Y2ZDKkXACw(nh31Q6VX*#Baj$Dq6H{3UYaV==8lIHb) zN~Vu$r?q#{21o{kcO7=u2Noj*QmeoB$~wrZrL$$MvG&Vm$x^0Hu&tYWjMTdZ_5Ach zdqvwPy^n6T4oTa<77#{rczYpkY)$S_Gj?h)HbW zl0($K;;4W|2ptD)jA}pk@JSs@U3jgMhIOMw6K=IjwOk`Z&4#u2WQfJCWr9iFK+$;7 z)|0b+I)_U8&ZB@7;}hsakpYDYPNLUT7ud>NcPFZ(Z-)p?5c{E}9zN+qqt>>3IiSx&s+;AC+11pd&o*Z_Jt z_=vv?g>{mtJ2FHk3=Ze<#EUx?R~4<`-xO^=#9n6$|-VmI5)gmGMUmNk z;>lH6#zOT%VwHP`%gRb!k`WDOMSi7n`DuChZwpP^HlP0InE78Pmh5@#ZIL=^yhT3@ho}(Jps%hft4kaIp5`JiGCANEw_r}(&gnf=^SaH z1au50(YXKx--0Lai<|mteIpMgMRv1?L+|jt@^taUE9TW|*zDP?#3W=km(#+>S&w7q zVfv(Jj&19f^LF=zUKf%1gN<$Lkz>t%{AS@obPa(71B^bu5Bb@Mt$K_4q<%!lf<52U z^Eh6DtQ+Hsbh1!@;%)lv`?FPU)0upSfMpI3|K^AKkUrKk z#l3S^YzMYi%Wcwd*?HAqyUl6LMb`(#$9VVZwJXJiOZ$Vj@3Y8BC?y1|Ks>*ix5M+? zGuQLYde3W*5Vib(vNaUbx2bYEFg+U>zieo*UGz19?@Bp0Dgh;vMKqA_pVe}pRCkaB zN!zKLPBV?b&iwm)KJ6iY5^PbGhyPSke0VwalXrAhWLzwelCZa}r$_w&ELQ8&BN-k( z{u0x-M*!{jdrYuF(~`*)X_DT$o){8or*VyHFfZ~CXks1T@EwhX8<2AWXD6xY2nL2p z{@4E}DJ8N?klz6XP|!r*3Y2PzE)#_Prn`f6?BWI*g@ZDr%g z?Z)@@A0@a!-~UQx{7U?fB2JckUo~VEh(&B2Oo-VT*ch0;^1~Ao6Z1M4n{q3OivL%2 z&@aBP=1xv_+>DH_uC5HOtPHjeW{k{STwIJyEQ~BH^q>;-j_x*225$5=j->x=8-wwt z#(&pj=HOuZ*Q)=L^)FTb8Va|(1Hc3%rN3ms&&a?Ofn$(q$UFzf*@WTI4;r*Gbg3$X=ojpw=ggp<7BNV~kw3PCs^c@o6d2 zwC9SWbJ$(X*c+;us#v5-)8<~7U~G^+NT?Nakm=-Yd3ABK+>uLbJ@~oF{SdH!^EAfC zVmM6lKr#6gaq=bheLTY5202ftTy?91G~t)-EJ;JlkAy#_Og7#KmkEAV>H!?CuON+3^SRw+3Ad#t7cU z;sYEl@=&b6!&3!=Jrq1f>@=zPP?Z3(j4M`E+mjk#r8enoxlSV6?XuJ9;!yQ+CBr7}pkgA) z`{jP5`{m+}W~bcK@hB7>3yV?!$VdH_!OJv});47m<(3_1^GqllAIC1*$wX!$w528uXe+!r_3KJ^`6n#240cud6GVY!h(xfx*FHJQ04jGT$ek)W|2Jpg)6$ z$%`BAi{B5&v*}sipOtMoPW6k%lw)|w+FZ_H%LnLEXcDLnUE3r}7fZ?eWfEh9f*`vb z{14ak@;&cxy?OU>tv6dDZabfG9p#sH%XKPRc`uIyl^5$Eh~myiKJVz+ss%k=R4nQx ze;G{Y2-NJuh}3yS>G6xVw_PK<&8QXE4c$PSd5NCr^plcfUYCj|%hJvQ4cst!{9_LoTMM z`eDs2q_VxyorIkU^NQ!W&tv0(ke{Rw{vbKiE$i8t9&S)1l_7XefzaPRvbg)V0UDF_US2ZxQx zGbSUcz@F~;hv$qr>=|7>j{_;L%E9equcvFSh|hyX>}*_k&Ie01`N00~X#(~;&EK=w zq*k0y=#Vnl;`$K|L#+>6wQX1z>)VJ=q_`8wpb);Wgs?p{YK$FD=4}2pZNYWmu-3Ss z^Bg~0!t_z_U-Z$D_{*MnOOx8aW^AU(x97tn?asBVBJc*t9oWgeyZH1qK2n z9(ka??MiF~)WLrn$R2-*8Ro2e7+#Z=!0+2&#Y&1@DO66{_u)C*3WhTh=NY-eZ8(|Q z+T~Wy;IxSaC{xI+B4=ebFx{5x)adZ58%_GZy=2{`vFAsNq9H_b`M%yqJkcst=hmMt zX>vPvbh`n1rWPNb@n*3rI8KD_z12>Nx1n}D-#+!rj(>$RB#9_Qs#n%qB=0ko*QoGMi%M=vuNkbiMP@mJkltt2$1F!A$n7onOI z*G|xDLOc%zNtLgp)LEx}ANO6z6<-SI3^k-ysW<1g7=QgL03a;7m7Gp|x7jG*>HzPZ z*L6O3R{A9>r7WvMu~t&1R>|Z{>Wdz!JPm)1)!(0!9A~;c12J=6{yOu!XmX3yOeFqnEH7^m(}tVj^3iUz*`#wy2pl;(lWXA(cm@}9EFW$2 z1#*;q-fA)+Z z>5tf#=?dV`t8xuGtM&a|(eF}elv3#cxS%aCui267znp0)IV_xc3a~L<=aA*^@;qcP zYg>#&GEgh@aHdw@z;a=#^2lW~pHWF~wAybNrEaUV+n&>rZTdLfynb#I*>7+S8Nw6U zNZ}0ip$gpmkkrFw)2Iac29hO5c*71rz<6!%;BwfIkxM7B;3HsBe|@uQ*L>EQ<)m9Q z_255Q;L&zCl>WC%yQs$ zII7=m>ut(lwRq}yell;6vDD?7L#oXbKiuRY4wIN`w*_YIW3QL zIJiOCNJ(%TDqZtBT%S39t@L5zEes zyBq3n%280RUQJ>yMAGcAAuF7ut1D$#^3?3O-OY}-M~XisKHm8LwySr+z7#{F(A@)*A(inCkBv=tVwWXz z$;c1i zIPiDP5vE}#uuL6=lH-U$(y>T*q!f4+^=JF zYwcqur_dSpR)}O0UQcQU2(hP40X}&@u8(gau3wJ`E-ZbiNQt^4v zD6(~`M`l~}tlh=sMD2lVhwIVhC=0JrR|N7S06FEcds40;19>fX(U5U@OE1W>7oQCZ zN6yFIA750GxBuu_Zjba^ysW6w%KD(q!9e-EzdjKZ@+D5n^E!2%t!CUWfv$IfhC5W?FwHHS7!7CzIuImswkr3d$|Wm6c?0{uBtBkQiZ}Kgt@T zr^^fPU3)Z=_^%ER{`0Gzsa=ly+-UV|Z!P5FAe)<$i$Rf%q?pjo!ywl_W=v|Oxm&0^ z;7WsXbnwuV6U)9%PQ5*42QFOA#3`ZX)1=aJgQLWW9^qv4RlfMhoYZIK(SotOE=Jy` zW;)I4?(*S`Eux7Dy?p8za%BoGu5)MmnFi#LS-~_GgUt5FJ;CCf%Xk{C@>HWU|CBYt z2WCjM*jiq*h3{rEynU@)bl*h&-k{TzB35q+cV2t`Rc`f?Xn8u#&@by&4zNTX*$U$~ zVZB~eVNB9iJO9Q2oH8q3>nW`33&RbmC=G#HEfue5Xp{d2zv2W0Vn8&pi0zQeMd7YK z96OO4N5If&*Tzttgy)X-fB ziz0o+lI$N*otrJL-(!r`=dfNQ##^XVo{Wk-92ADFtKA>{eJvo@XubSZo5R`(Q5wye z0S2h@kooLz=;tXr8G`5|l1z7vqravrR?<+c=ha{S+%?HRjKLU*PA(%IES(f(ws37C zL!N3svd+kZB7$~bQA+X{KOf(w+V{(PqgfA`;Cqh2%0i%mgKF7gY(Oylu*JA?o%4-p z8}*x8XG-0iOri=u3L8c;U!=skGs;L#@F&_nUV9hI0=L6QoNu$X?tF zi15T_q;XSL{M*ADlvtZAc=V{PxtgL}%Z}~dNHo+8{+!6Gaelk-RvNTU^mg^!T&N#+ zbl|)tSxdK!zT64)m`Hr`4ozU6TmLViJ~_WIo}qHwMZIF-aQjZc?aKV7 z-Q`kITmyrL$6>RB57A!2BI0ts_Iu+i4{0f`_$JcnLVDLv8p&lil3`4XZ(Yh#_rT?> z!tI0hrS746!)2D6!v?;&R_Lg7$rJ=ew!GVcSAJd^6yW}SW-Bq z0_|vC`ZJ8b3{>MtFyV!c@{r83=eraOc1vk5FB|HF)FYKz%R^+G_t}_bLXNRxR5LkR zaM;0=4PL9_dHEw zk(oB^Hz~&TaIx8xn~cbG`?W;*_hJW0>LkMmSz>xTt2eaw_-Y)&OLHuvCaIya@TaZfpuMqxM z2>(18{#O(Je`|su@XYdg&a%aDpGK)ffn>SEv&m|`oqGIJB9*H2NTO6?K>?X&n}=%p zdGTquPK$$7Q-tTp5L%bib=YSBGAll3o5=hLJDGl`m&5Cly=IM9ny$CBJgxd~8YpZ*?Z0rZt8Ob;CsD@7X_^ux$%dLR?a{Vqfj&fZ} zPnU}kb7wQ1rxSKdse}W1hpC?*XG+^UD?NLR0d#BD~YOAY4tw{yJSK( z{=-)I@7vyP1wFTi5~BEip$!;kNG@F>Y*g5OHFE>FKXZTjGE<<*`nK(%LD+sc!L}+t z_~mih=iv=SCQ7S;%-8?*x{p)8m}|^#t-23t-Ba>G#xu=3<-J2x4UwAg=?@|D)y6f+?qVSlq} z{j4iY#s_j|XLny8g`dve-hQT9O4)phCIo{&?E0^QmF3E)(2uDm>?x)8b)Rl~?7mL713WPzPip539)zlaa=JQBD zq)%U~Giw^lU}x2>Fk9rRQhlInx!HVx&%V;Db)6)9x=x5OK929#%c%3#b+M1=_fMG- z5_7*fNXp`I8QLxoIWDbD!2R5I%)X!jgWUdnHv6n65MTMmQl_vPomDW&{st*7GDIm7 zI<%(A%2LL)AoHINhZ+8-3;k0wd}u;DGRWLB_oJ}l0-dMp0VXDcvsB5_I1U1C?tyHi z)5XzPP8cy2dAT*fOEUdelhO1_A*lqAVq`9je?Ok}3nhvxoiF8bCQ=Z)#k`B8Rc(#L zP~E>Rio(mX&b*?Cm61C!|1e(1E_OUlDWac9Dyuwa)C8yms!zVf@R1bG&7y(tPUzi* zthKpTaczo4U~$5Cj;NLudE0qyXkl4n+H6s}5PR4&JJM&^9Au*)-AIO(afSBa}qdDuIv4vl+BvoFwt_^wFfZ z=ZtliqxV2PuL-K(tXlGN^dAGGjNf!moqW`fLBPVq^)atoy=@4<$%Gp-Ylq4%&7BzBT3JBHzc-DWEiG(ulG1=Cj{-=kna1HyIBHJo&6wXqH9S zo3CqOjz8#MsQ*OJl-}xof4h#ybtm*Z;My(piSQ`BO9XbL|8Ht5N?8I-|f_ z!NCO=rVXc!02C~nC9sWSYW}11KHLm8?F^aL5&j38u1=Fn)D|P9j1NIW6t8S-6y8Ev z+(`?YyJT$JA&AA97!K{}j1z1`^)ql9BO)yXvWGCo5B^g_C_51S7jpJRIF}>`2AzWPwDWYKA_*>E zV)(kyH*}4$M#sHH;q$}Du<_IF8;Mf68ysM$+hQUasH9vHk?T=B!q!r0NK^W+v`I2m;geyq?3Vr95TKOG*$JPDoTO=cYO>zdjPI zn)Gk_j#df0Z2_oCe-9U|y6{f2y{xC?WUOHV`Inw(pLJJ9akevD#$?!b@J07X@r+y(<7AAcvZJR5wR&~Hhir~|@`_r@7_#otIy)v6rS%?{dJx->@A%gaYfxmYZp z^#P5$@6EvERZ)lj;ft=<5gd4s|zp&H8`mI*y zlJ0Rhnf--hvd2VSk6bJ~DHa6%rM|_z96qnU-h{nz*?Xm%LG`lDm*`3$16L_Gz3;l% ztc{?q^=>;yutoqQ%{4yK>o$Ch_Tttki!W&TAEan*-p;4fA{IwiDKn?~K7hiQqV|&rW}~ib#>gJvalQ+Htxb4DDn}Ho(^F zJt@>Z!%u^M9QMa)K7MtRYq&15-!o7aM1)H|Mc+U9!^HQ5-@$2I{XCtmzI4?EUL#s}T{0J6z zZqNB|Qv|Uae&(fmJb?2&dGW9No47ZzL=hNolMC~FXqJ6}{IsqJ;p(`3D=idr+4<`VPSPVKEN$u?HK=15aXd)`Q zA7sCapi!FU7Tume*mfcaF7%+OvRZa1g|wL|Pt$xoZnNFLI@G@%r4F<{WHU!y*n%+m zv~w%c`Fd-_IzHs9;J5ZNlrJt6shG`ZQ4(i2GBhx*Rf7Jeme9V@s49h|_h{*3V<~i0 ze_r~-X>>Y&FmrePS4e<>&r5&D^4JR^c-Gjf8hf)lT%u#sn!PJ7P@$cef}b}l7ZIVz z{JNC2<23i|-199enuXxyi&C(Krpc0UlC8k+T8DPrmv%_#>^5MVez^J92f>~@mjpdq zU%5gA>tD*;_axI2g~+0pp-a{Nf-zBy$t>8}bv_}CXP(n$NRxeC{4GmVVoidEc=vgD6l zz~x^t61Wr6QozS=@`3U?It+kc!!;yKA?qME=778AtwgyhdkZDJ>D|-fa1fbpRH(wP-8gmy77NM+QYUXBBh- zQDtqe7l{!Jilpt*4%brtUsvgyL(ks?%uH7b4nQQo(?r-h%Hd`UtY7ga#t5(6}LEQxZAXD!T2*yBp9Pdi)5Pjdu zkmiCpe4hJn`R+NGi>{3on+s;eA1{0PvCui@6Yi?s2fJCC`i^`(m!~GF9rX`i4xS)L z7Y~ULYu0BzQ6yzPTqKaPpQL0wO@TE+RJwK1nbs@=h{lPB*%Vd9K|9Wvx z3Y{oNqE&xICb#=y?hahDijYW8560hlAR_y zZyca#z1`kY>ojb*Tx@b$V)#4XBd+^16zM5tBmqe0#*a@p+x5#yU|QTa5QkHDj|_moU$Id9gOQ>T+ZVYOOSp}pL#1kj(bu_$10wt<=kLA0Lw-cejI3gx|Z zu!Q25Hme<$>I#@g>dtp+H8Zbkj^l5JDI&6iW$Nhd-CJ*FQR2R`X=hENGyM^-$u&&& zYv#u*9c`L1ygUlrFw&!q=i@Y)F;Siq-TQbzOSX9XyOTU@W<<(^i0d~{RvN^GB^QFmo;783TZZpjvzUAOZt8o z$$txJJbv~P-2D7`6t|Bm`nYKILPhKX0&uM%`*9-=SSv5|Aj=|UBAZC(7{AI4R}b7- ze-JPSDhIW{@^-huSQByE3Fa&(G(@HyOPh0LxES$h^6co$~fM%@?D8YWK$+>8tgs_RS}_c>V1s zE`i&S5C0y-yDe?VK=g7l0&Zh75xJ`lzYBTnh^?oLdFUK)D1`KP0=ZwI@zN?m0@2r>fFiIJIVJIpB`8nC9Nn#^+YN%lMretS zsy2^_L9;dTY^`&=V>xJ`FMJ-?V>qPJ9?P$nko1mZSNuIMykKs+X?r5AEnD*7Wy3Ci z8A-e{CEI5Nhg`sR;d|Pz{5m345e)I02SpTIsv!dm2ZTsnrjiQ%wgFqbcq_))DfOmJ z)@}?5w{FG0H$INFyB~z`MLa5sQ1WoF!YDqs8$3RX)yuKhM8eG-JZ`aT-kX8qEwJ*T zgE^jx$@H3E`#RqR4mH+ZmfWd67@Hpr>wc~&Fj_VXcv?A{%B5(}r$U&Ji+g^&%RI3; zljtOX+%c*zsUqgrk2Q_Izvt|p~lNdUCbpBO8PG@kFUy z-r(`9Q#c83_X48R;M!;t{Z8k922Ou86M`f0E8MT}y9M)&>33t9nt!}|8?0W_Oi5g@ z>KLI0)jQxZQAXmBqVT^5;TF)QJMzC4|H&O-IqOpFNPsRQxwexY%AF<+8AY&dH)*&1 zL3bN3*^*aDm~!V5$#>Ct)ynL#^cUex0+Hk0L-p%r!!4nm=ZL*+IL)X0VfrR;gGn!; z2??7xX5+>7v*~f^sSVqt6E?!8S}=33D>QsGTHXn9(*~d5MMOxg_v*b<)=hWoS52FO z2V&!BTo`a9`|ayM(HFVV2{T9HGSC*fvU1r>ftA8KTS2t?YqVwq`p=#18`!aE+$>XD zvyCD!#Vv|mF?I*c%37N_YG2vU#9!p<&Udr@J~=hg791!cWrW#&@*3RY!c3K*0__~m z^b6GXL7z8+)Z6yJME#_?VG}z{5^HweO3^JZpN4usJ_%(Y-!i zpLdyDYn&#H^bt{oA0@D#kSPl%H4=f)!WeX=+ioPGGk{!p#V?%ylk2|&gn(oV1xaXjCSlZY*O@XC;Q{E!gs=d*8=wGespr&C1~ciMvKK#sll21Td)~{ z5sHf+I+Sl7i8M7{TQ43Fj8TF>)<1x(l57{zF&g?$J;!H|A2o_V|i zMB)yKvAiAVu#p=g1R`zNh*ZID~J65@|uy z`Qox<36)=!TLJ{Flu%|0al|+NS~u%0i7SE+lIoT8YI5TL z05`Lr`Q{sl10n#Qg!RfKAq{XywC85Wtj~J5v3UiiW6jkVgb8bj172>E%(5LK`5Ko_ z68Ekz{lXgR&!?tUo?;FZ0%sQJVOiniNhLuM8tWOE?m9Ua9Zw;e12=eiw5OmDqqBy$ zQ6SPBT^UXUuUPdY+tdy+Q2bm$|aaF`dvGc3&XxtSEg4;da(R zvg7I#BEMTPw4NimOp;4DFs$2%PVIutX{V!UtmB(hfh6xeMjN3YTQV zBot_p?x7-=!$DpElgyX=PlKTG%~hV%JE!$@sMLMWF~F59JBMDYA^CTD9YVk-+wjjn*IA858C}H;&)Yr>CQgE~&AWCFeDN2k+8>_juD~>PJ;jM5aRCBUN+8*ikor7PM^XBn>*Wb|#vNmOZ&oUswXHa6 zsoi`EN(fAUAwj3!#vP7oN5}a>Hk8c)_{IBjLi~B9A}Pcm?YDvE+K7p3))yW4w`U~W zR?fn-$wTR_vkh2?{szuFk1DB1C=_PaSJnkTGJ6r zAOh_3ej)JyN03|Z&<{7L#Ijh6%wCSB#QzhYZfTRSlRo+fcWBKdU|dAeD2k6N@D)D} z7Jb0?`5pC1tZ!xQsiZB$q`wF)#YNu+%RPTIjYM-x)Jf;V;6+(J#o~^N1&g!K;Ekc;Cve z#6=0Yf+qiLe)8`6jw2v9P`bE;Hm=Ir*dy&iQlU!+Vq zxE0uLgWB#0dP^Xs2yaz)Tj7dOD77|Hl5P`#1K`9oF}flM@Y&*i61|xqdHo8sA9CxE z_;EQdEyN%|yO6NNU^Y-6<}T0z#YCUNtX+wk4ipfCIvJ<$L=LE`Sq;ud)%fnKkm`S zPSy=MH?2{~Dz~#*eZt00Kqi;!5e~*LOjti)4;CgGp?*bjyEJfrzmi}-zLBf?Ww0nT zeAD|GVt>EMYui#QbCn{hXArkwYLfahMNm2Gl%RrS%B8q|#4E7s)D3N#GjSVS@>h!O`Ni$!PBZ z*=pXCa{wI1xi6y@RUvyEH{?^SLo3NAcg1XvM@nR>u_)`~z1YoD)Pl_KPt2IDE|+r7P?f$zE@QH^ z^|{Pd%jGh<-}UGDL%44;o=9uQdy0vOc^x>E_a@d+!s?^ZOKO@j?_o3{e|(y3watIx z^xt;j_VCA-sqJW@%XaW~)UI3FtbIi(Pf=DBYF+MVp0>IIWzqIVj($lqXBfYStlFfQ z_%bGolnOc{^xBeqj8B~N?0L$1eC_{pweJr ztHEiOz%|2*)?d}iX}>ZxH=CG8H$M_$6k6NGlYv+Vy+GG&)7%t$s?p}2@OL{XD!X_D z9#_j|UqB{ne=K`ByBB9b(2dlc+)9F|yw(fEJONtg-s1J5LC$Qeg!x2{=4>$!DG-ML z!B8UxlFBUG{Y(ItqB?xdYfyI}V%Oha-ohq3G|OX#4c`If+Csh3}xsao;EzX>a7wVO&1Q?V;OwPpx9(%WULTn9TdF)RG~{q z5eBRvgfYntvZi7|z#Y(mv2B$mYiArvL{cs;>Qp%gEdq;bpHzGLS{DQpZA5FBXRLo zILNWW3q)z%Q0wrrJMZ0vVR4zeFvWe$Sv6PJ=bQe^;nX18bD-M*kl+pdiK=--u32xp z%l738l&uC1tX?F7!XXa<#&s`$JhXKB9yFIvuFiin^;@*c_dUK}zcCqsg)l!>zFeeG z5_%AqG#QnznDG6l187%-KIGOL%$k%)*d(hGS*@t2RA0iFIqi=a#4SQq_W<3soicb} z6*FbR)AS-9qF$k=n*@Z@8#fzni5cJACMDA;hKGUuNS26uRamLRi}FO8h8wj!GXem z-|SH&_Wt;-dJ^koZ1h_zVAo?7Ik8_Mz)bW9nY8q^djOlw!dKF^BI*pr9L7k^bfn@b zcsvd&Qr&EB`*v!*4i8x)rl4sw7Ve*v_>JR>rw{@6E5E_HNO$gMES5^b4l9pDp2EM3 zHChvHe9h(&t6}L_yDV>NnM!Z``RXxRF$ic4-Oi{oqf=#$5S__>1Qri+odtrwemJyg26~9;1CPxGh83-nRk=saL!LO}a0)zzK){Q~*J695U3F z0ggbVEaZOI0xH~Xz^)u_l#$3#Ol^A3r&{d}aTXfbEaO7E?RtZ_GZ$>S=i7732-7Ew zk#YKTK?0>JpTLrpP!hu-ZCh^V+m3AtYIIa|c+!>_^CjY;C)|J{g>DzKLnhV*$4~v0 zZTo8ZZn?6R1bCIbqUC>7K_dW-7 zuhJ_VjAb5|w_Zi_u$F6xYS6)AjO(`Q?#(4_;9$29@9R9}pLL#dXJIKKNN>hXMk{x}fE2gn2Uufifl@`1WNTJ>WuQ0w{tDk9JyG}FM--s}KDp}os*31! zp7TBcRYXvE&3cE26NZZ<)Bess-Xxd2xQ|%4?pP7?JsdCDBz_1VtkBnYIBItuxzmXJ6V|ZJ%~0# zR81OQp^0?5;?Fv}o@ToQP?H^?H>!+1^y<{C0Tm%lw?EmL)XNlE`TF@r=j5-PLJk>$ zh2`jO4>k%HdPACbr)H{kR-ymHL-_{I_GrA7D4)eUOznNx@gQ{--&u`)+1z5(?Hz51 zn`hl#kQy@G4J-e8=_&)K+PpNquJQ5ktA50jOlGspfSI`B|KsZ{qvDFPZ5`YtKyZiP z?(Xi803o=$YoWn|L(t$7+}+*X-Q6j?a9*YF?Y{4I-|_x17*#*&jHNXzq3-u zZYZ)A{v}AYM76boR6@sWv`Mw2?_4q*>?&{{E=tudMD#0_2xuH3qRm^g&A(iFIJub| zBX1DC>lr=ZId@a&t}Q-@h5x$NJZiAv$@EPU%gK%uPLk&Fl1RS-F9G1Ng*j8BsNK24 zqQYslAkZ5^6FC8%Mtv$^Aax&1xDrxE@=#j`Cq<%Xa0n|p&r!!=)W;JtxxE@lb9}PT zHd`mlO1>5Uy0QwG!Cizqv04{WZ~j{35Z9#}$VBlz{gl9>;d(NURDv5k*h2($kqCQI zZ3xIy!<8fPy{6r@4BmINqJd9PEJ05d>@DKtc1@ejK=RZ% z(c#~x`LSt-Q)K!ZJ8aAHn zAe}^$UcZ*!XDuq;j`~IV62abp-#eXem+c6a?h?*Aq?35i&!F}RPNI`AxbEx^ z&*_lwsjeq7hZQ&>E1WyFoYwQKAhK(Jt!~aQVCmr4b${M$K8_-EUY^DFBG+Qma#|p5 zJx7+g^9g@e`IcZZnEH+giejjkbUNJ`cg7RyLojRfq zNCb_Vz7RQua>%KM8<|}FfFogBWBrcxQdV;Uj>WJ5{L_h`%(Cl3evOPY#cebrp1CPF zPUP%~S$wX8>ObXNTqngP(<^cy8$8`QG~7hQN;&>GcQX)+mXQnAAM3ls$yI#c-uR0* z|AY-kse#HouLrz<&DSh4>t%EtLIjf z0Xu~<)3*fP4n(NF$C7~Sd`*Q3xIIGApXIW<14||2bq)AQvB`*jOK`lpPW$2P6uq|H zVX4wa#nCSJzbZQ)=GM%cs0=PW@8=iCtFxwJRWF08Y9v5t3M{CmycNUR!25l8UN5xF2MIZ9-Nvo* z#)5P5Woyl-(9j-sGlRRP@J3ou^4^~}y-R5$Zn#}%p#QFH{SY6DAryZvPH>XgX|WxY zw&Oo3Q&v{C4R3f>AAk-PPOVM;$pW~UcP`A)0}g$@UbD8xy+A+!qQ`pWOU2Y_yi#UeP4SbnFv6ti0_jHTIiRUPw{(c4eaX((RS8;~695Ymi_KBo&Ky zPb>O1llh5AfB^{UUbG`$Nq2&~b(eSkFxA%=v>JK*#aJk{^Lam6HVR+JUT}>-77k5T zb^P2cOZjNbPv38x_2=)2{1=>ae#TVu8;o%+s7X};r0*r}@)UO-LwP`KFF%{jhH(M+ zwb${mo4*^6^J2z$vO*r>~Y6Y52{eYJMjt{AFh znaMicF*_Cd4Sd(jeMCL>QP&^L0~dDPp65i4sJrdl`pMM#-u*gW?yt`ffQu{X3|l?+ z2#&AhZNrY`Lf5y>2N^+!jL^W6Wl>nd7L}6RW&UAGx5a9{W9^tJLuC9 zpuJZ**|%kkT_Ww<@58fHyKT$B4$S(thq+x*Z9YeVBSS2E>be~ZgUt)rWb$dE* zp2a1_ZF5>qv6s{3K5D2gu3oT>qm@12sObB z9l~UN<{$7e2WCAJ2CUkv5Qgn&R_I)mg%k$0Yi8rtlHq4S(z0U?Mkn+m`7DN*MhkU` za9sL7b0#m^ePLUAR5-4nb-oS)agr>V4ecj5JE#F$ZxNlSyzjT+COAW_=jm!cW{w{y zBWRF_ftGi*3$|g_5l0N3Mf_i`V%?!(6$nB;nx33CeR z#5r8uFm5u-B6=tyWk^U~N@wuk0)(N=n^k_UWc!9g%k4qb4o+QRKB3On8D$QYAa54b;4$4D= zJgPB1rypWY+{M15-U}=?kbsvkxewRwim!g9xPUaN2h&#iHqp~^C~(xB7RYUb|xVKxpcs`t9Ztr;#d7mCblE^1xsK%H04z{8t7m@&ExXSc_Ro#MioAO(1w$~;A z^QlrxRI*g})Ms52;9(c+Su>)$9r-@?useJk-Ky(_O$(naTt?Zqj=ViB`yzL)A}W6%*u_>|HY&? zMiyJD)6d5`C1a*^=;TxmxYa+t$|hLNmySBBM^=0d{yp9um%00cywT<$U!~J;VFqvLov6$hTNaEDe0g^Fd(CZ zGKrCzV4-}rlT+(DvdSAB6;0~FW%)yJREMCL)1g<>vuEC4~>N1{c_m=u?^aMO-`G zX0@hYz_^^X-5UV3`DN#giuk=aZJb~~X&mqQh-=rLa z*G;-7Rfg0VVa;jsL-A&I4lAy})g{#LRa|Ro2#g^oNR}XBFjiy0+NmYP^7VQbt+ox# zhQ%6wOJ}o^7oPt31FT1V`@2v27lD}QJ4dvQexhCshl zK#)Lq5Q)*kgB$92)_a4uWReg=F|e_g2L*l!J*8>Ue$F8PJ`Q1WXIuEq0iTcvjSScS zrbX8xQV_oWcg6tmt$oe`X-xp3gmU{!$yI8@DbMHsNbLR06uCGmH9#?E^M}HxLfl@n zYd$5$JD20h#00C9WifT9bIXwy^#FcRZT5LIzv_%v=f z0Fzm;?1xNa)E`9P>w}m5AeD&&i^2s<9As3>>mFjQlp@&5j_u2ABEFWg3lH{jN`b@m z(n8M$G9f)VW&{4Dgr`k$elmYYk|(U+ioPC8{3W88aSZ$9x#@<0+?@yZJyG9DqYmRt<4TnC` zOXT3lQ2{!QUQGh){WoPH4mQUz3p~!3Mg_~5!~;Ueq3vM%taNf=lxGd9Xc7u=hn5t8 zkB%=Q?@7|1hPPgQr?yNsJX-SXi0&y@{+<(DaJmYS&?2KRrI7#h%-9&hT- z0+RywTb8am0=WP0h}Hi~%nxRHQ1PPueagT0$N%0gfI9}#U~p)!4eNh-=if*JTUgZK zZ=co|a@ptq{lNcNSKuv>-5t94U#Xt|@89$tXs4{5S96du1Y|zq-me~nW)omsd=34v ziGt@E4XaZ4{^VyrTOP8|n881C8W`e`^CgQ3O%FW0Reqf|>ovTJ;|PEox%?6Jv8Q=@ zO&KRAr&Kl_QOH6%fAHZY+x~=Nx^P=uWBlCkWrxM-aH1S!qF$_4-tt$>c?O*)p073x zmwb930!QtY!i){5m6aj$?>rgQ>MTM~nU1H(mg^kFL+%mOaX~JbK>{_VvsAnumm)>E zg$oTj&40uTnb-h3JhDQLJ+(lvzb?rcpX1l@7iurNLpgg$@J%Z5FT^Mc{6Wb?{0%Us z=bAilj0p_t-zWGAI}+&B2Xx*E7Axby5r>hEb}wfYW@k6e@K4N4TOMHE%5s}!p1%2O zN0?^$ZJSWZV$tX39jD(us&MfV#EJ7n8a5e7V+LsloT2=C2T~wx>x9oB<8zV9-vMpW&3Rokss7x4v(x zaiSMEokCOPVkaXrME_YXDPeaoCW|ek+lBc15;%*K#5QudZlxgL^x!aboqXRRH=tio@S8SBuFPW#*e|uqbdSK3MZ+aQ& zPy_e&;G8Z^=Nr#h?bvY}+syNAOB#>`2*J$te18$QE$qiUn#_2&lAgD~X}2Ked3zFH zpe!9j9G9F)oMI-Z>4AAPm!AffT>FrN@NZ|>eS;0gzz$SbvvsdP{n>78?bn9G;dp8A zJfu{M+p4efdNC{hrNMdomRzMtMz#4h^BEi$f~>LZ_0+2M%s+(C1DxMI5s%Xgdq4Zt zSiI>>vi(TYDy zTJ;k$xR8s*q@{QpwepK56vBwWHrA7FaEO>zO`ol*=G_FdQ{HgrJx;zl-w?gC4Q6J7 zppdgKv0dMZl;oUHvBS+l4F;L{6R7EN9-Ioh04QTLSd*aZ4X~Lo0Z;(`_Ga*k9I416 z`+dT@neCJh$R#6&=U?rAxt-`H=1FdT#Bl*0yEv{cj6(v6+o<2PTKcpm@i0jJm(aTm zezsotOyPQMk#*Rur)GarR-IHBGS$?f82{dY`aPQ9U&qsg0_5!_FZ<*(tCAIt_1{NNK~l>COYI(=WqSr~5D?ppn=Ixpw7{4qK_~i5F`tg_E%|Iebn_ zs=EnGgOX6l*H`xq75mn8CFkZjgH;h}N*pFNiD*KE^Wg2XK0J({to~VGK%`<6m`9f2 zb@3jf^*##P9Qh@QG?TC$z6H(H{30h>B!KHG?CoB)=|j@AxWZYwcgifp1sl$1p22w7 za85c~pn%LUuulqoFp+xUAw{O}B@H#>k85l6Kw9mWWF(X2U;QWZzqxL0V^3;aTvbu> z;n5)B1%8=LKG4grnj2F(P<`y;UUWSni}tbuX0Bg%^V@rdfNB*A6mY4*Fu4Q`+m%sC zL9bz0PE_0Fwqd)2gnyp-TgcQRXj$wpkUZ*We#7@BznkuZ2y@!02eZUp94t#5i)bkw z3eZI^z}i4SvVu|)YQ`k@y0{FhzD566V>GTV8GgSB27fhwG4Q(dL@!b;ZRoOwxy}oL zL_{XpcTIp7yg&SNW%ec6ZXE`eTW$b>P$-?!SUNhkI!}s+e{pt=hgUuP6aBV}?R@zD zgn&8t7c^4d3W)GL`jD18kawL&W?zU9dOlAs_Oh%~>|@{b*#cL#(x*B4U)O(21-|~- z=a+%Aqn3rA$+-Y$gzH0*>!RW+Wx@AR^ML`(8aMj~bScj8LD_gGN3~Xy^ge4>>wC)4 z$x)@D4T^5ixgLEZ)@AGk@4E!I#( z{6uFYbO1UUswBeS^;%!yq+<0pXusJ18<1>`&d3LM5o!{CGG`n0U%)X$vR&zSLnrB` z(Wh~1nwU{eg%3{Q3RAI6xV9nRE}~L7l5_jRt#_7CYId?r+1wW*tMcCY(-+mBdB-cC zs*qMLmQQ?sq#Vk)Xv^@5Xaz`I=lQ+Qf02cO;gVvU{POv(+E_Y2;+pwuQS7lW)?&U~ za@-B`SCk2b&PmZKFu;w%$WGK+fRoE)^)4v@j;sZ&bJ;k#ZF%p{_`x3sv9O&k zR4k;!`4vKheLVa`r}694X!3B|GW)E}VA1VU$yN}AS-Kubf191!O(H*^~$S8lL z<_k!>eTT$Z7l7vo*10w4G>cOUzUvrA;7lmjZnQ(n0zP&ME054v+4ORH8oUb?;$Ga~ z%@**CrWAiK4+**CSu7)X8%3k)i`Mr~2#)a7E1(cTO2NIn@T!uVKRFPRst&$6NbwrA ze!nfV-YBV`D{)Q&_cr$7_M08*8noa<%REvSg8iZXm(hjuF`p)@eZ=4FH(+K_YlV<@ zs%$>pJf#xJlD2CC-F5I*^X}(3C#14c%Lom%zw99Gj<)DOid>WR$9_s&lS5rK-v(SA z-Cje?W^vWmE~W`N{MGbs#too_p%=BcI0MmTgOPCJX2MJr@q#+eeAI>6?caN4JOv8b z246x)j<53Ce{Li#GIW*dd<1xj&DI4<0;{q;wmFFX1+xn392IPB`SnrGV732w^z zS<7_W<-l1k>jJ%JV_nKcZE+ve#hF9aKHH^Mk;<#xCtXw1?U&}7Ghn|P>o`_3{=#gxRwS~JY#eeG=vZEj{W zIEM<(Lo)hL8F&;bsZX}$Nzc4tSNp^~v~q_#W5*wALwDkwxdxy&c%bg!1p;#)oy`$8 z&Jh3@x7-r$&S+o@*0_LvzJ z44-?uN~|>#MF8+Eg1KD>TtiZHzCRhK+9yTM_1FBXa_0^G(K#S=cpD)&YzRG3ip>mj z^8mI4S`(G@t!l9cZ=0TPY-wP=5-01qIwPGp$^Q-GT}x zfDX4}4n)J6*Sv4tNN{}D)WBp&X4Ks1+sxwhDf#Po!-{X8vw#ZD{j|5+rQbU+z84SL zjLYB$hYWmYd0u{4O%0Xx#*k4a1Ve7f-KEyU_^EWkA%UPxKSVZGB(Dc5`xS=X4Tug%|=| zxdt;0e&PZ*#m&!d-NFst;|U>Y+4>$P!sx`issA>6eL3wWA%xAr0XNLrPyQmhFBy z%1I|`j(Lofd3%A``>seCbr`0N4v8vNMrFnFd>aT7_=M9mc!f;=CnSc>v+Z8X;LwHrk;$~UMC7oO1Z)_$tW$={9TudYC?UlRJ_FI?C_dUU$ zTA0Dt`|RY`5s~c$V2JkTETKG5DOvw0X^=JJ<+9miemOGYnF8yBMW=oH>1If~EfS)4 zdW49-n4k*zeuyVs(G|xfPXxFvc&H7C{rTJUvYT`9riMNp1i8}3D#p4h0yInqMpB6n zTAZzN0I_k!rrg~tuxr)cBSN(6K;h?51+KR%N<*he(|4n2n=RbI8KHxlDRI3hy=-Co zV*uySAIRFG&@h)uJ&mD0$$8;?k`r8;n8(Gahxbp~7aWJnNrUZS=5%f89q&(mW|yJs z2bpFkJ|&=>#JO~Pwvc#|zPA%@8*+W$r<_A>))DFF^WVB_x8#ZR6~~oO z@M@jA4&~c=mVZLjkY`2|Xmhtg7cHP|4q(zRfINXQ?r_YS&xHd}tx=U4+9>$5STH?uM4yV5>( ziwLbn@D!LaPK;M|!{vN-^buj|sB83on~sg-nEbysc>=gq=DqFPtFw#x<|`InZqkFrDZew$q`zV>cHK^Ap^-!YP*9DRkGt>)7|Hi9V(rieQp-adTTEvLtpbO)v^ zM##b}q%7F4?G`zzABg8Z4)44CF^74L3;3AX4L!0k`UR}#E4^o(NJ4`R{yW@OD{C}G z6|Ik`c`7Ixp}L#rJM!wR+Dk!rB18{4`W<4Q+4;Cqy5XOVuo$IY#dF*@U~pj6QJ37# zun^g4Byx^)|4@i6R_Iw`38^5il6+QKdu=y~Gq)p+WayU>@c6d%jqKIFW1VKl?Cq{l z)(#N{!2)-Ni%*NoE^Oboblpnr0MaeT_KARpT#K1DR91^>LAM5pk z6&_hE*CHAfzb`||q|yK&0Wmxhx|g7gcahuO+DsNAEl&^gt7)!WI}MyG(FFs_-8}zpNX`;C#}_-~!}+ zEmfVx<#8O(-Ml;svRO{&s+9S&rn1S`o^|fHvm9}Qlz9QdZR24Vzf}6MO%eb?LN4+U z?zaA8n&!q=!`q0rjUuVP#f!E;f{SU_;rs(&7r4s({>))P{%p~-d{5D?dG?m_eUd%$ zy3z2*+G_83uXvtxrO<(ox7}*A8HY!c5BYkuc`j!KF_;@&U?szgJX1xSUF81S!Z|SO zu^3$krRkt_{wS)|_Ju_x{|~<0*0iO->72*&0sSPwF2hLEXLjH$*Ev70A^=d%N8n1; zd2mz(<#(xDt5>Ow>vgHiX=$@^D0Cln;F%_DUSRx3nm_UO70I8PCSh9RO|NZe;z@Cp zUfcR?xzj$2m5orqL!=#N1-GB~$um;DB-5NPRMHWkKG~5)Cta4if&HB zjXk4>Fg=%{xsS!!NM9tU*>w&AuwQFk!ma`WHI;wYn2rNs1o9k60J037UKE1naYCE9 zukAmc;cXl`che9$QMQ($x}Q(ZU{Ms6h`eW^<;I#U)7*X#wc$_<1HwCcwgL~Sdfd$R z2zmrbS(i95JkE5e{yF6udIXPFh93`Uq;Jt5ok&?$y0)O8WLb6bU zf(2gCzXMfp}BnNBE`@!N(NdU_;*M1t3fM0F{x_!kYrQN-3zZ* zQ;p+XFCPLRv5ll}dOUt~koM_j_x;i~SkL)KR$56|Jh65)0HD5nj+bF}cn6yY)6*~F zkl~Xp+qW+D6UN!x{MLb-DW=1N*50w)D{4(z{2|Bo)AF|vIDDzMLg{RYUXqo1*enF& zHyP)1ulZmV3tLwcy0#62u5KFT#<}@RV|1E^_+O~a+`QXsYls4!kcQX>9>F~X0nc~O z_8l(wDeTTI2%$mdNSQ<|2jegFP1NLAlb2j|IcDfP*WH7eTzS_Y!)N4kw_*FE!1~j2 zsJFZZwgpcz1e%~(q!756P!Oy;$ma!KmIPtI%L&kAUFnGNumpMal9=pWW(9gGD^01W zp?jd~l);kdXy)|Dr}nTuRf>jd(zdM&y-#t6;~<*fc2oVzDjpDJ?v<}wGr(F)z>vaB zztn-{Z|r7}3jJM>nwhL`xL|nMJN1srMiyNKdERT_b=XP5F``DhtypUhOTDL@P3tq-xL|x`tI^JUh29N_DQQ zqQnRY2>2&6+*`eNyZ6?9pTa1beog1#de-%1W}MXy_4x@&*jTyA*L>ifd5#^5!esqdruDk6 z5dA@+H8DKBn?${C$n-EBe+~^YRv##I$&1~=tI5=(N2F`tJZ4HIk3%4dh;yYOP#NM# zof_FoeABmAIV`|wXc1cUqT-wUAXY!YQ>a6loj-(45FHnp$^|q*;_KaE7EfOOM|{+r zW2V-c%4M`n3x8sDGjY@hwCX1^|3z*A+VZZH?a$R)2kQ1_mEt_axRPX-m&jk)cGrLS zBcOX+&&#u}{QgAzP6iTxPqX8mWLOghqWCf%JtMXbhJ&j~M64baSh0qZLWMtI?x9kx z^&2D%c{#c6^XC${^h6jdti}NIXcT`Ww%0kF!`>BM%%Xio%Z8Ca#Kj2Kjx6LnH8l^k#>ocBvD29Z?( zRXy93srJfq8R~0Wy!M-o@XuDAm0-v!4Z>v97>16#hFk)jsrf8t)SbKipF@V3LxPJy z3t#4~w_2d}ZTE=1@S{M)IuI$SumMBf?y{!_!;*=2%{r75ju_f!^k>&kPPxutFzeL| z#k^6NqP2$MpQ4Kh>fa$0p|_J#W5xLbP$l`bpSSIm_ECJ7y_>j}|M(AS5aIRRZE> zdB~O^Is-@pj0;mN5=#hlM`+XQ#oILQXI$}u(fgnQ`Dw<@$FqRP4n9))^5|!MWAQnZ z0A~5uSs*T`wHx&w-i@%Cld_D6H3ov6OQ)zDZMJ6L2llgou>+d)P1J4$_nZLM4cu*- z33w1`W%KqqDrePNpT;q8Kl6r;r1W&W^upoPrb#A2{F?%EwH~~w+I5~sV)be6pW6dJ1UA=eEVGhbi9=PGlbU0;kKo0Q;ip>9)SQGnKfP<~c5UB~R zVNS|;s`UJ{?q?UUw^-V)G|Y1o`n2uH;W>|>)x@Z^zGb{@WOK4oOg4@_0DV<;MFB-| ze-%nX4z@4M{K?FFaUyBbt`C!{o(Q3Kuy>!_g)`y-Kj8siiAhJR^85iJQne8G5%3m_ zlcs{8w-32U1{8CSdXDB<#uc@fj)qM_s`thiPJ@I-Zl_#WYg>VDxBx%O_WNe{(UCaq@BZ?qQ|(~A*4#n(KAbZ(Ln}1 zi2us7OY|{l>F&~EsEAbmhmYOa60yKX&TCtd%a@TNu}{rE*yPcL(0;|nE(WC`&7(Sf zgN|3HPe$rF=`J$;B&uIpOe51uj^*NGhETRz!T%#8*PQt= zMaFTgD4~J{BMBqIF8PwmSCu~$M91yPlz%{b!kx`y zWvWQ$NT4TdLWYI zf?-Dl@=V*fqA+zK^`f#yb!ZI#q^r~!ZxjLx1XUMw$_LD%CFpOL#Y=}V+CXUkFUOJ` z2Qh>v-?@J{@(1;)|a}qW%Rp!Qr(Ly`1>x60Sl91X39*CpO%4 zr=uMGup3M%XnmRI%a+6|lWfdVD&m*^InLk1bdnxNMh}I3UnNl?MWlT|ncPFdKC2zS z&9x=&skmQ-eAGgz%4`sd$gC1+6wD|J@FW3lvqq7)_c=ow z02tAV<6)tmGqZ{tLf=3QqCvekCVJSfWM?PNBkjP{5g#I%8f2Y9T?DT4BJs5e&3 z%96_(Ns9yrAN;p}1NB+ClLYDQHxn}*zL?sgP}K}}JEdi1dFeG$_X{}9Qb)x*BXsX- zhNXYIKj#*i;0}EpO*jl+vDXp;m2i2~lpzC=JU`o9%w6<=r8UYYWD7X-H~YI z#;Ui<@}FrY+_ZG;;XekU3UbOVXu&2u3N%kLoR-jJO^3B>2if#eE{%wvscm;d1ZEqK zYE#IL;p8J{20q`PX^;>xP2>5$=Ej$nFbSlZiuw=&d~Cc&z4Kr3ddT_83_@aHcmeGpSP*{dpoo(E5u{0}e^<~0ljFRq%ERx&>%P!vvnHb3>bjT-rveAvI8LxQ%1doC4>*}au$|TWSTJir z%+4tOS(|qB6a@qc4eMR#aSdkX74~7;oq)cgW_JbtY~t2oZHLFSW8qG^UJ=W9YD;?V zYUq5|p?kmdaSOvWan)M1y9S|l4swH9#ZeKblj%nf^?dl(bSuHDqRBo%Qc`-=+wKd% zhA}agxp#MYr0@9en)t^N&;=vj)ov((gG?->q7CiMx*1*W1K=0bKH__azcTO9Z+79D zy;WPF+IVghi?bUbf3^6c91TaLdQ|51TyOcEld%taCduujkCm}_y+7IF)U+9Ll8{ri zsXf}KZ(Y;5#o&4-X2VO~O{!GZa@z2ao?hPW$e~}x#Qgm>!@Xli_4^`$lvS^TE~!ga zX@S(dk%@^Zi=W?Og`)xnN^kpYiLFs~o`%<6*R5qI_n}g|5`q@U=AP>CtP7HhLD%s+AtbHnq!3+o(nk-M8zpTKKNAgQ zpt8)o@2TYgtXX&h$2HHw1ue1~n~r1Dqaqgz0baU5*{L#seDBFA*vbi`U?X5VNB~WS z*?qAKGPB4@V*x4GVwWSIO6D>*EwBB~K%u2QtS`5^?M&M02~WjD?}=bW0Ua1CMuUAV?};(dObCN1XMecy51h5C&)hv-S0ofuZ0DA+PSiUC zYrHS!8+$YEMy@-uNldayXm;r^IW4xmooY%Yd4>P`2!NncK|t{6Om4*x+YzTD%Z4p~ zjCd=y+Rk5;RiA+bmK$0nzfYv{A@|6WV=b>k98^@{Z0hTOQ?!Y!ORWckAqULoX8pEE z%UVoRB)$eq&&0fZNzC8_h#?_31Rsq>{j3wTY@z#tKf0Oxvgg3<$!f8w=UfTp@OPbF38*>w};3btzo(QT+yy1>VkpQFBD^OzW&ro5dFw% zu7ok-yz#-ut$=ClH6NNn`fQRnC{WB=;m$UFjIYU&Hl%Yi9S*ym>WG z9QJF4Pfy{vabrZhex9#S>7_YR7tOotw+)^cQVSde=VE$O16dEk;A$ zBaQBK>PoG?gmKl41`skG0ref0pT5Z)H4G^7O~r9Y(C0q;{zI)Yy7l+>cq9qUHXB=WsO z8l18$dLLNi8bo`g%$BE)18|VM@=(VSJ+`6rzQ&O7TQyR(AIcR@B##25NN=;tV}#x! zwFWH`=_W!&YFlS_qQFa!-4-O3S<|w?f)<5Aazf4VXFDcxhKg^{aT`Cx!MHS@jdvO= zlYyN4*Y`Rr3e_#&Q}4$_7r!gYfsL)*QNAhvGQMtpof)k(W2gW`G46%ZECYAYdxbVd zW2x#n8WPR!Y-r}Jczy79meAsR6zJ*8Cc+=mH>8?OrzrAei9scBZ$?|NknkCt%@ zqK<{|)&)3`r1u8b7P!&Jg_4^iuKF*BsEz9MZ{(kcCd`v z?|I@LPFu67?_YM|JXADEq}$1ic5O&Ws&t$+`(Bt^{@7hNhE0$DLpml+f+CAh{4(0v zqzTQ?fZy!J1Yo<<3ctu$q0T_!W5l8BbAIEh|t%9lA)qq ze;!H967<*wg-Q?EvN}3GDe7r4SFW`=Ik?f$o}SviC1)Y!96Hk8W{V#co9o90!073z z>o|E(kU}Tslci(xRT&=1^l?U8!x05HxliHk7Tv7XOw>F?PO!Oz=jI^~#(0UkdR}~@ z_<1<~)@N3`Q2rL$;@YXPS|Ju`i2zHF9_;&S$*SwOJN`=@m}dX^#lLo?l5XK@X7p%s z(^r+ml!tz7`o|0U9=bHiJ`28{&mh^2zL5}w$Ir(Zodc?hut%|UQ8+=qzDuGoVI687 zyLn%4U)vLj(gL)WcTvC?&jvu>yTn!+w;0&@82*IPr0q$iv-xcH(euR1wsn8xYF9d6 z1iBi*nT6AO`FkcDryMsmwYGw{9mX}o=uRzopY7}ovDoo!vYbhu%TxV)cQ}LZ5AD<< z=~Ql#;<$-T(}?-DTzex-du#BH_6np0RQ5hYCBve5`1&lN3r-sf z&V?cz-zBB~66<`qY=4Os(-Tn6dBr)7zs zc__ycB&FGT5fFL;04leCe|t@W>g^D0HSx40b+jTOcG4!VsE6w}VA9b{aYxJ*%oLt; zFPjFIbm$6ugE&zz19c4qJ@0cb7B@)yaa}XWb%kZ1vhEfR8&)|*Njh~|UY*f8;yd1) zk~)4i=&5FT(a%2jjC3Xq16f~Cd-9O&KJ=m@F8wS^(z=C$6{nJE zTxHJrJcp+LXmtJ-wIj3;&%Mf{mU+!urqZPP0^+`HtTET&S)a*XXsQooJb-2e!OD4 zG`%`98m&2D=X1Uc<>fFqTI(Cqn+wHJtt%ICp(FT>T03T)FsPb3?U)0lDlGQ#ysGZe zS*Q_XHWm$X<=MWSj#^t9&*u~t@MRb_Nhcl!L?2UxqAsm-_rd-gVp#(oDL4<1;`+U9dx@zi z&DNB@l0#%jfVELf#`j%r+t%;?i+yD=8;gABw?<)D;%0ty)G->5<4OJLw(Ajey44)? z)>qv`cIc=2n9c-6s>?+f8O9}F@CM6!^pD-$0ga{g4z^(6^-Q$xzUbicTf5iZpgi*_ zogm*l*Qja71Cc*Y0H21-S+Nq1xAaN71S5Fs@psCG_Pf(ue8!bZsMN3hwN>nY(`xic z;_`Czu^HtZFBsb?IZeazYNSTkm-9JV(+CY(@0GWjp-`yw`BPR#vy_8i$K45s8d;%( zUojA2&OesVULmV&+|{3h;>)32r)}@bd}=aIo7BZeXG*P9>9sbGO47D?3^FpOo`^}U zK!dzC!;ZA~{M!CHZ~lfRgcl*d3`UF=fzm$xlF?bk{D6|i$d^VOcWL;GsX(Bz3)%spDSemSEi z)1lXSXwYav_O2}oh^u4&aPerk4SC)=sL@KAed4FAsuw26LpA4by)hKa%*ZLZ8@0*S zzU2H(K-fS?ft_q6ms~m1OOVf;*tfI!xg)y*)6vwLQf{V>@*IRmE43=PtxT zF5Vt8^E;(aRc;k6bqLTAhutgcFSKkwX&4)SPMBe zeahHK3Ht83QoPRdePV7^>mpYTR&x%t=%u7!I=_hU1_ zX>EVsGa@W1J|phU_brH*XKVXlNKCv}0=^42H~zDTXIQs*ZZ00*PnJVyF($F2Zl4mW zcsCaY_~f8y&LG>T^TS^bw$UTS=R6?z>QDN$1y}@183M;x?g@hef18$YrBD$*Zwq13 zE_%hAAcB$H-X@I<&)oH47YT3Sl~dfCdq>f;BKoF4vI=MKPWtN2=?Bb$|W=g`Zbr!^KdjP`Dn%wY77Q_W%MmgW-DRh6BG^YxJSEwzQp z5iEJqb=`zqXbTYpZQbLu2gsku3P|ro3__$aI;_v|I%2lMf<-CP-gT8Dg1H0uVPnwN ztoh$D$-Nz=E6Y8%I9+8AM@`_KyzD!S9x@=A5%*m=d}cg&8-JBQIVkQvms{PPsGUjR zs^+2UXzvrP7w#6ekw~7tUM9 zk_u8@wI7sh`<62HDD0&6yCV9J6&5u4U8cCE&m`p!g#Z?qELB71OL|25wPPrtHvFb%p3 zce2EVAph&NrY;17%&auKV`k}x4mLo*dh{d`;XI7j0}=B%c`qP`!r{7UI)sq4OF&>` z&anLqq;J_@vx#!!Xw*;j!=HpA3zq`M$V04y9{Q6<4X&0+A`LGN5+4Pb5CtO%kJ1x)bz z#~9ZDvI6r*BdpYFFUz)frBLIDYoGn(#Kf=D7ZS`VOcldt7AGRsXIB3fvs`BcvQ`#2 z7-XU&Yt4!&t{b_1@*gT@z&2K0&tHZWiNu2TRe&FjXoM2zUg&HX+tYI3k%{pf=$kg{ zv7iKXyJ03fxNvjEf~}PL$5$*O36AI8FOy6r5PvUUX~4;xjj|!0A#&fO?k5gHaMwKh zKV)5HSd`t?mL7U20g<7kJEXfM1f;t}q#K5=p`=5)QCg7h2I&UrmKGSg;Tz8z=jiv3 zi|d)0XRp2TzSrJMY!fOyD65o5Oo^YTLZ_RCxr+HO_$1mu(+(2eyg9Sq_y?)f!t-mN zEE?S8sLsRn0lqt_DZ;C9XD*d@7zk2$LU9Z7v@A`>#(K_{%JXuw8Q*PeH~N4Lf_{J3 zc=xX+{3SPWoAI)L?gD5J@S_JsNKyK}{r8~(R)3_^ zRv^U^d^h5-i`h;dtmP_U<(uQ+0H%L>y7exmzrF3a$~dIIgR_c*{`jZG+T6yiyY>Jk zz*aVh{Hs$hcc-E3dq7W*Iu#%>EXEtxnz$-fxEKXS+}MNLQzQPL)RZ#L`e zNuDEedPA63xG+?{; z$^ZL34mc6tfq{|y=j_<5TnKrWc&EgkEzQ1VBb@MHcP6^N@7sOl--h)-e4P1W; z_bDRO5&u=ti-3k##wboGYsAkH%GsU_o>?1k7)C$1>wgfU=wQ0gV%v=V{e}Hd!C`(x zT2E<~`Jji!XFdTfUspG%zb}^|vqrDm#G;`)noUE08t3#bBs2*BE>7}pQaB0)fY9)L z)o$2Ve2N?V_gYYlD07G8-MMDjX1$b$v(f#DDjCKe#y@|P4Q>Ufd<43=#H*pj+Rc~c zZHV~tOy;HKRPK)-FZjJrKE;358-Dlf<$GLjg*9^Ex5)ppQh)FI5ia0qV5!MH+D`4N z^Bx`!>=Y?H9owK68TIIT(3_t)&tkalPx(U}IL*Ih{XbFTz%fIrJw!Ut(YTOAOgeg{ zwq{nqoccayJlYIAJW20Hz=0PB%LgXR7gh4xAcp`sX{=Onxmng8-G58?zwOvQQPdB- zj74Z5q>sR1q5KwS8Wn@a_c+s;jmPj)YT8Nlj7Sz$$fo(}o4fy~xHPK*@O$3fqu4qD zS)ssh6ia&f-Zwu`8JN@zcsjU#bcE=ab)~@Xz2%EfI{im0|6V=K>T|dV@4&IiPLYsr zGM~md*&ozc>6AYR6;c!_59QGZHWSYjWKK>`@DdjM<8uD_Xgi{pQu|2@WE<)bdtLdt zZ9EHJI)eGXKJ7mnz8T=RdoTGiXd9~XLQgNh;IjpFu8B#ti<0J0hQ}4s zgleW<=KsFoYA3ZH)W*2eu%N;aYl$#Zf>b=PRM3NI_r=rea9lbIYoMoGdcc+YQZnxU zlc_R4qTKSUY-X74(46CH(zD~lWgYK`@|0|u{Hgk2S=f?_Z#GpQS1}sdDPubC12c-* zE7;m?WqAr1))dTMXIo6>J0G=NzVYzjZ@D`eG+PGQ{(~I-t#)*n@Jv@=(T1;IWA3Er zLSbkPwq=DnewkKntpor6O7Pd`q!EFw%;K`#nn>>^gm9$PIN7weV@=gM1rPLa5Xlxm z!qg2dx6Kdh;jABA6MqsS44s^u&~b9cyZ)RNW7H_kj);heTRKhEhlhiMa}-#fnf=|K zM9rv;CV+Af#HU_@yp!(k4fwdYa?`L2*R!9p4E*Ae|EqY(eg%kXSGD;M`B0k!@#i6S zRg32SU|oJCvyHX9?#zGycs>~*V)*JRY+O=}mFC`J1E=@haj)~;mBZk>Q}f^54=k$q zy=V`JMj`C1ppq%701%8Fu7_K!%^12X;}QP1;{WRn+Vy|wt|G*)NdjWGPu*D;#7EpZ z?C86Vj#iXi*gg2o(bK{!lid`Vnwq*_KPWi(O%jWKq37ixJ`s^D0t(hAO+)V*uGEg( z|5?p{mX-~VYxL-f{dzvDjXC!7MzKboG1a3?B&+42n2lb-|0>uoT1^u`?xl-Qpj_V0 z<-y4xZuwsH>)P?=u<7VWW^P^{s_y_fe9@ShY}dAQ zF-Zd|3jlysM7>6hKKq_EBV^)mz~FXvL5l171!}?t@+yn{hz;%=Sl3gPhyL zCZ!J?3|!A^jX~r@-LXwat!b3ZTOimCu0+EroV}K|*(!O`Dhdi1IR;>YoMw)x2A6#e zdU4~|s`C4@6;w-f%h6{6I0M#;^|4P`4HOd1%9>B)_Qvx<@JrP6`{I+6WlJ>6^Uq-u z=H7;K%ounw>pS*S<3D|xUpZiAX;~~71)DOL`kBPrFBBosBL{FGFE5`b+>`+n3QT07r*BP zlh~DVryOkB*KP+2S%Qg@tt|@-fRbFmqS!7f$fN`}5zTExi?H-$o^Fp$=17D9trivg@iJ&K!S8#lQ|fW>|T)PP^rS{*6?oQep$Q;c9hlQ!+k<} zI@6_!{!n~z6kHJb0C_WMH|Qhbfq%|@APRQvehtJ+y;v>B^RPkYgAg>6-|LDkgWpB& zdnErEB@mI-Yy?bN)ZF~vH1j`JX!goa$V)JLrP>|+*~8A`TTEJ|^lUSE-}7wl|L-c8 zVFvqjS5sC9o@1v>HutLCs9c`&6_U>;!>2S8hiP@qe)Uig(D^Lb-U?{@y-Z(T5_Yol{lil^@Vy#p@K)X0B3d!L^4# zbL@P^khSX@h4XX77et89z&-7WEc$Z3kN0(Yy}kfW6fxxGS4oCGd|z~GC-5yS(m7*0wm=b#12Xuc9;45IwBVaKQTj)R!7(d&c z9OlluPf1D9c_tV)Uu{7(`EYwA!knS`yN48Y|5f&Y(le~e+r$!I6S88kwy;HgzpLsD zoUf<*Utjvm`y?W++Tl^WO}==TafIG#kwJ9;P$B#p&oM%dCmWM}#f2 zfd`Lwr_pEg9XHdOhLJ&B5ZyqSe@qDzk`=ID^~3-4b-BgUjpn1Zee^c7|>dtm6dZg@BRtnp{%;HM`@V(7UeZI2I(E%7>G z4azu&2csg7FP_sP5_<+;d@ody2zErr!lD82C1(NlFRT}8Z7P?bw$Fq-xb9*4^(NFr ztQYih`P=_SMCDijEMw@HLqkQ4{XD7-QHN&B{b>j+V0eG=oiO0qf(P=uv37t+@l&F8 zyl9a8SeO)?8Ov4sK9UI_5!&g$jfzMLPM_t_H68-yV~=4sCmOcd{TFKg#+*BCFMIML1Q^okQR2xM%8%F3*R^ z$j^z)x^H0nzWH1%F*m7|shsm)fbv%w=YR6r4~dL5ox;t~w)v}7S-|hnT@CG@^cbT* zJCo8&H#EAdPFs8s-{7UTlus_f$6hQlVWuFA&}X$wf`WRs{7zdD>WMo$?@PE|sFi3a z<`)zcSS_%xD0Ky6qAm+a=i3E--d5Joc*?BbsP^EpGv>r26$seJ<5i zfx9FF;pEitX9#(5J#Fs%{V6>PST@Y=gEYlM7r7kKpF=_=0hu*j*zf+>sNbKar>wQL zEL2uKlhS;9d6YCqo(u^J(k8H2tglFKLm_z$8&z4;0`tKd7P9YGT3ZxkLb=RBut?)d zfYuQhIkQH|b|?Yi%nQ{P@fh2|2he7J>K8Bi%zS)ccQ@ftEDu7r%SeSh5`?dR;AuZM zQGfrwuu0v4?++ib1#3@qIK{6%ntjEXlAcid=;nyH%a@l+9;X9FJFgNtCDc(;Ns{Bg&o(Z@zWe9ugpwS*5A43|zt1nMsD}F{1 z3;+6Pxn*~NvHVkaw!bC3;kmmq~D zQW{b_^H${_*Vf*ss%|z*y~m#a+-$A!MThznBnVcn#S0h>#i0VM!7hDsEPS28k54Ws z4v;90&}it8gL%m!`6Lz&k@;|b%c;VgmIY&9OW_w_c6xTSOzAWpJMO~R_&*}#H6<)U zvSdboQ)Hbm06^hi+I?ptv|9c7d!@D7`2wcE6);(R5i8>GTEH~JZygTxdE=i2iww)q zsI}rbMg;avSaR@*N+wFyAEi?Xb^-Y38SJgA6k%_Eis)GH$NNi2jCt}3vH=g!a}}=2 z^*|@p3<|2YnqkrTYUGdqmW>BEAo^3q?A=f@h183h@`Hssysaa#mOkA!A8-0a(a`Jb z?JSF>Mi&l7VN+jN?5|t`TEq~Z`%`<)-|+#9g%{kCzCPbgT$ z`|oe|%Zn}El)fQ*ohewP;okqdaSptMYtwN_Yj}`WDZ}osi~QBJ@X~f(Ey7+v2BoL4 z7Gp{B^YU!fZjfXI3lmc|tgvEW7)qG_UZ{=R*iLf0#{Y*%EpXcDs@NzBs?SIBZz&yj zb63gHpr?#qmIP|DqE%0J_L~_J6u+6Szs}+qcG%b^qk+UfQK8M8L+?5DNGuhhDgK~( zOTVuG&F&CDX|}T_7EkGDGF$5ms&?3rrpM3GGcd?JJF8HCorN_@0+0vBM|Ae=o>F4y zSzDKuk_BLNj?Hm|O1vi#bS8h&ULrO-R7!q>!7Q%N9eRm+i<4{R09@poQO7 zRisFP!MmSlns!NhqIo~1g`4lr#&$tO{)_Pc-OKnK4?rNUq}b-wD8Loi7=ohu)$r?v zxLFKUMPJ)QkTYlJ&Iho6gRc>=mW?ciF}TC(CdTe!K-|6~ixb)ZTcS)H=VmMl#p>$u zkG@s7p5KCaJ0b%v+*2=xiMjRK-^(9=H1S`x{uRNSqju*;p@}RL1o1+z>$BuQ1tttS zLW-p!-JbskP8q?Ez&MFsca8M;-@^+V94!EXzWXWAHxaOssH7NxFsOgUohKp76tJqA zNll-p;q>fJ|EG}s3wWkx0{6v7Hbl})xCvRi2P*q&|NX2QQ5so*d4jQ+nyh)+B38WjGs%Y%cFR8(SNS(7Us+=Mnmd;mmnO?Dy6^kNx`L~$@|4? z^7+JgnUtU)6X~oItNvW?pv^k>MULNH;4f4_^;cj(!!u_g zW#k#?C|8g*=%QtYZT`qU6|yUFR{6Xb7Kpz{_MVu{3t3l$ z2g=*FY`&XsawD@@te#6#zilolDlOrpTtA=@BRU1 z-uA(;ogYyy7In{8OnD)MH1^|&kU1Y)_@>)-fB$=t1erH9bBOce`ncNt^l8(zyi;Bl zS(|eb&C!R(a$0F2>6x<~mb4Y$cKw97xHlA7NaE8&m&^I>qNnA?dY4VEM@7KiRST+X z&}9O7(tnUQH70nJ4*|Ok5k`&lw2{b?KU5>zpP;eOj(Wn1w&xRHO!Qwb>ioG`7=YwU zu4ivoKYfrQ=cbX~7d>=a_;Pj{XSlmFZpw{K$;G8MNJflf%t>Zv1YZl7Dprq2#%>Hr zysMp}4OrVua>=pPG!Q%Tg~sM2=V4!K=1DgjgLG|J2hT!4&-0f&)9S20&#ZWb$Hm1J zNrYUS9kr1RR$4UM{qr8eRDSM`Pq#I5T#DSexVSPJA;@nC9-o}BZa4_P3VHx}UO^z5 zI5J7QoUVH8e_9tomfvnm2YPR8>N_pe(KXZ1&yFul&IAR0W|RF`Q8Av|hn#(FkPGE# z{fZKT`SEU-%&*j=NhX$^}1*jBUDs+tN=vH!#8nK$=4epk#xPbsDcCUC>aufG0jyLWQc^C(BVYMXaxkT}^-0FmWjsz1Zz^+!}Rv|Jb-G&daH;2DfTYRjYK zzDPt!NSpRCAzcrY*88u%D>EP_5=u_wSHm~5@_1h9;e_T|ELNgKb&W3jz-F&Q5SaF! zQoJdH&*}R?ZSF>k;=aaInT>9-b`|o$Qe77J-7PCAzw_(?zsi_l^HiP9WGcT)Bg7=v z^!?!XFV*i3bmVH*;@(wPJ$q@X+#4>ST$0F4$H*AY9p)a&Z9C626M3SW|I%VHdA`n0 zMlp>me`rX7-)H^B7oC=1SfWZ%6|knhRF<$W;Cd%xK1#d-!Q7iE2*$*tqoNA@Zg-`* zrTOU6T8$SJ6f|zR)&j>GwNpsfxL0gjIqZ3H_?h6bw3=V!_;|YLc3M+qLppMIry{S~ zV)E&Ht7%B_#1^iL+o4wxucpmgUG9M1Z;A~kGEGTHxO#nc^=P^5IFN;8R&Chf>T+lk{7I| znqD_m&E;P9JfSkZz|JJ)HKEs`@DFV@dTv zBBSL>{jxnvt<8$q{&zc|@l+gB)xc!uskhzffd))?00&3bUR$+#XAf7{qja0sme|d8Tbbow`+UAdV5|2O3#>YaR zTjJx(8m|*qROdE#)X^2ujcvr(e%$neI{ZmzC_A8DO&2eeT5r&*>A4D9xU1m2mWkcD zV~NQqmI}(}U4`Ao>1yfAx#FGnjK}r`60!3Mc70wOliS%Wd*h=&%9lOA+2e;M&bK$+ zuT(JvhHjS^L)cbiMMeG8-JLIluZP|@og!)zFuZ=hR7}vq<${}Ix-{YQxS=%OU>G@H zXT{j1dw%E?ZuXQuwVA{F*-Hi4uk*-JE37&SN5gkxmT7XLvR`21)8Bx>^>Q4#J|}bA zXVZ5`YWmfthw0jm3p^`6GGtz7VcNpyYaf#e`Y*)6J1(k*ADNQc?oaaYSqxGi7|wTm zUg|R-vd9Ovb4jM>?d;IqthTt(b8~;=KtEXV^~(f%RO9C}@#Mz)cGjC0?QbUO+Qymm zO(o^auSvJztPc)O=J$PSty_A{x$G55uBZJ>vRKp5H$L(4ylxTV&1`UmX^cgu8|-v- z!dTuvJe;O4nFk`F4+16BZ~=H&n|ZZAh|C7N!WLgibD_1>yS@Fbg&Z;MTpa&~Y{~xK zg+qRn#I}0i!+oUB%`4)kBbIrxv&Sp1p9x*?(Rc6GH4RD|hHUafdQeA2WMX4$w+F?+ zJVU#ALm9WD3o}fI5j0&L_HY`nlks9uEmg*Yrxjf=Eg%4hc8{}iGmBC@~Dd_+b( z)AvV!6ScsxztnHn$IgnojJKb&v-6NSrpoLps2%~+AJM+xO%{GQYd&nXDOVinj#3l#(aw*y^Tbv}xS>AV#tNR6>v=}lcb@F-62HrM z@GaM}P@Br*3dI9@D%{E^F;!r7u@8G4+1%VsMt`0SJWH5TbJt_Q?iLIsl)mWM&U$Zx zEy!k{nNXmX4W%T0ysHY%xF{|w-yV)Ni7v7scE0$jeIO{2;ORQVDIW1bV~*OY#SLYI zLb#+&A_UvY9Tq6)gJjbQUG$(2Dw#}BPztZ{^Nx5VptZ|5bI&VZG?&{F!#`M9+YR$4rt|VjW>cu{)i|TO{~C{-OSB z*^uUCR`E*8=EfsQkvEg3-*tD#2Y-%GI zG7%vybe%vm+rE!%0-TQmS|_^Bw8KHhT-m^-f}C60iVAQ_q4dx(j~_WGyLF%2bc2*6 z_(J)i93Fcq6*{y0>3RLEt>jV+r6MO|fYh6b!MJn3CglE$yORw{`~pK?T{*j!`!c<{ zJM2s`p38=?@1ZfSE8cCgcyY?xY2|Hl%(`4j%i=SJGx0umyXH77_EbykP}@DH$;h+W zJnX@}Z;Ht~YO(_Ntsxk#N$rHLds7x3XB8@MB)iPNraw%m5f=k9uS3gF`5Dlx0dLASiL2Sp*V)RcSCUN#x{!w_>4+i4^npr#ncL3CH=7?uYJ* zKgC+0ovA|G@-~Ff5qC)d-hcoK2^JY2CE~{wGf?P@WCUqqVbe?+qGltI?}-KM`Dfr_ zt0$e(h7`?2#1{g0IWjLRP~6*HI=f$`ipIyR`dr1*cE3D3=UK6IDZ1%Jrw~iwFW;-8 zl?S6PIe3a_BQ;yvE4G`;5jRhb(SQ>>Sa!ke(5sgZLdA4IP99ysTd^0)xS z9u+9pgv<|OO;M)KnTE4lyFyX?e-pDX1V5WwOalow;7jQ8ZDMQ{(8sy8F zMmJ;sll=ahrunh^KYO_@^=RS$+%HmWR!b(e>RUi`)h7n~R^rZmaTn)2i59nVl63xO z)C}$W2%QnJEj*_P!&UkFW=X_m6>|F??yrO)8Jrvdb_VP8%?n1CwY=rWc5oC3lBt@B z59C|lD6yJ0vVBU_jUitlGx#Hq0D{YD(jdiSK6ohPSu^H(^X{&$s=G;!HG<1_N*3>H z;@wS&tMHlGTFRe35uaUe!|IfWOy$S86#_$5SXTpH0QMg&D6C4%_5$_|j>aS0u#+Nx*Joc~ zuhJ_DI!&~K2XcQ4x7V_3IZn0S?vnxKwmle#5fc-0FGTXGkAQ8X<->=qiHa%?qfZd8gs(8zHD9OpP}5Km21iW_ zlYE&f*Bqrwi2?~(CPzsQ%>{7gl%b{(lUj?uZ;T=p07@3m*I0$IIp&C$qQyB~@Y2EV zr`#G&wJ`gsZ(bsm%x4z)j9abb-Qa{#-bxPZk;uJIx_0lPR;>c6|11`^IQ4{wNA$ux zS;1dex#%Vhkh0k`IK)gPq0K305jZqMQmOog0$upy?ZA4TQ?RJ4eJDmn#CAi3!opG5 z$do$q2_h0QjyRJkbaLFZm!XT|?@llVA-FU7b~FeNL=%L|D8w$@ej=CsgrcCwB?5-6 zK6?2w0Gxe7pP>tHo)396=szATN)0AHDlU~D(g+;Tw(*KV9z4En8KlDI#M;O!C`^2h z)EL`E@1W(N?0jFPuH$uX$)V_irE5m_+D|hsc2%`XOUqI1VJxRhXBzWa0)!GB8#`%t zTQ#DG@JkG~MqE7U5hr`Uu-)K0F+mlL8q4QvqnXC9pHd0(8u^EomgjB3VF2@{`iHb&uUz%DbYwW82bp2SrSiA4gxe5%~ z5Whvar?ObiC#ccAHOGFA@NvDQSM`l!9KK9Cv!=#%*^WoUbLU#?IY$Pj%0u2F)h2Es z0oXxvvQmo}^7$~gAYYBL+=kPwNm#a%?Xo{p1yIwV9gDnQzrg@N3nmLji87sdikVI+ z%^VbfVs`aw{QO{O%%IbLA|IP=JCYc=g5;&ebSD?oZ6?z@!PY$H76}f5T`7)7hdW9K zeyuXfphY>XZQ9YR{pKV2%9*BN-bjW(f7rTiou!nf;k4p|771zU@<#XjCSm66Sv=XS zcXlo9((joEIplh(6+-I5IG^I;mYOk&m-_`7M-kfTXlWI8?Lpx;`y%Eo%Of88xNVjd zU>JN=QpUqV!=!yvd2_~mt%ZatjpCHJPlxH-!9*M9yKV=5_mhM(U>e&YpG}kT#-gl( zBI9u=8U|P7iM?9n4Q0*HHY0c9t;(;BDe^Yj9eSCTwttm6Jrm}lbmTC2bH({r?XTto zUvq!*-snY`vh9da)&b$D8tbPZmGW$bJpzy@doJhb5})q~0kXYp9h!ZZ_sN<98m^N- zgC&{o4c~o>Nl-}-Oa0vqwD|%HwEcvlvwYv3SxQDK#eGkLNNg4dgIn*eE4tcq6y&M? z@uv3TV1B%d3Y2i$)3iFVqUiLgI5=Cvb3Wmfh6-jovI=XauPerMk!qT4V-XJ~F~0)A z#%FRM5s;4ZL$e%=n~yb_b=sgAV`Npzdv<)Bz_k4MaM`W;`CI?WXx7bTTcmA$Spo1; zd}x^yXN$zCo^k-8voGnwGqVXe(8Z4Fx#|;Oghq1QC(Hb^si{{jc3|x`*E>z)Aq?l4u)#Qtv1GyNilD^7c433aI(-{S=aWC* z`(EP_Q_DnRYT8QFENX;B0wL_mVphsR#(ef(eb11agM)*fq4+TiX>RAVlZQPaCKL6mW(T}2O__KG3Kg+`;;Ueb#o37pDXd4rI2^zN2NUKpQ zfiu)N5*$j#yNZ>L2gFrlWjYw~hK%dCL6Na`WTBdg}QZ=#p5gEcvfmcYxZT z9B07hy%xVZCct$-l~$(tiFZ0kk~TbGr)!Z&CnZaQFPy&G}AJ^wsq>DV0R7QwT`6Ss{3q0OA6<4k+s22mME8w-rjs?jGNo1;8uW}b_ zpHjs4M)}O=LxWEPu`aMEyScWuygbfk-v~Vg3oWwn-y}Vr^Bi22zkN`h4oyyeUt@U{ zCGdW1XlBAb^_+7f6m!>Z&tltc?pvJearbx$-1}5z*o9uA*<=qS9MDh zNgCw_RLB&WY(v|Y>(rzIZ?@$H#t98a&KrU2{p{|iI$>i{&P5tE#WT^9>RX>v$i$J$ zNVPC=Dz<*SqPT*Z22Rr}dpm28Jb$r+VkOWwkOt$3?c-p`NnX)Av50f{!ub?>RRBzMsV$?l&#w@3cEzfr} zp^kWjn%n`SzKfYkc!vrGd z_-!oeEgi_|ob204&;0;M)fhkeBUsi9C1o!9nt2by!ebJj*FPP63D4lplAO`|vRQJ( z@L%{;krJoZCcXVJk=Xfufc4O3PK8KL$sD5Gmaf*woU06wfqOk2bg9(39b5{{}* z`hGF{UHt658#=)z40IGmZ@qsFrVUAXiA1Tagkyppyp5gbPQqim_*Nrd(5HRp9XKYZjiglil#@X$5%5{OYM;P`_shqM0GhV)d?BsJu+9)=Gl@b9(qtVn{} zh6YBs@x3(4^c024T6NGg!k^w7O}B=pa>rVP4zRiJ$8(tBHOFUC`A_IDN=BKM-%Rw@`~h!^Znb2>K0q!DkFB%L9MO|@r_tFgBc zrt$fon!r#ExVht8GG@w7uA0t{E}3EUFr{mj*V1i=oL`em(&wO2bi-JsN*Gf3DHs*?#B4K6C3^gH!%#U5BMD3-3FZR} z6!9~2Vga!quGU!5VK^l3=K}Lk_XNs9@21)}q7|FN>jxKWy?S8`2lKTrOAR8sF|c`j z#WYi7?(IJ5)adN>@HW2?{p#Ga>hcuEb`YZb=vNF&GF-`6%AvHZ0V7j)1BFl>x`E1%*zoGl+-l}xU|d7( ze6YLZ$JHwHBjMD`X|EDN0*W=H;^=j=%+X!F>E1TJv`6Xnfy|Cw2Bpbvj)eb zB4=}@bC5gY6ync5bYQ|tbN5_Thr4b9(PEz zH0>TaY}vN8NjhrfQPu4oXgV5A$XWU-e6{Q;*&R!-b)F(NBMLTYE^QX*AhPRBj+8aR z_g6RO&g7`M6=j|#Lv7&;Jq)h)MK(5w05%p@oYVKpRZ}=QuWs)oQ#KTP$PRkIYTyd5 z=5}fAGI{|_wN^3wD|d5T^UczG%@Ki`*PEIKd9d|bxsjE(T|b3&cNlm;MTv@3s504# zQ5|f@-J`;U*hSEPLWopglf(>N_f<*O+#PntjQJ)|a+a3yS!VEPUdJ7tfVCQ(+7GyP z4x7|mOQ@yyhSDBueiq8i*0GxVN{@aZ>L|oxm0K!r{cvX7o!@rTs7-1(l)|W2Zx;)X zx>$yzON5*yx;7Yw}}MVBOf|(I>ta1%gtayJ0uPsf4rF9ZdkjAO9|3dt_c4 zJ@EjoOwO{HK;PK3HE+J=_dY!kzwtRX5r5ANb~J|no@V<~iqLIG^b!L^X=>$J5?K#o zYs8&FS$Ah-1p$PBDsNOLKkWqIq+mxAv2?0=(QhC4Cx==A*VC96icW_DE+@*{me$1}`^+E2>HXZc>McP9xS6%M>v zINZJ0Oq?k#xa2LH8x^@$&g5x^o;4QP6*+8^{zZ|9?&1LOa~2OVUlq)+UyrV!4pS@L z`S>OtDs6vIo|wfVM4CL+?wAtbiA0wEp`yr6POBvtKU?|YSWwf*imE^!zN6xtuKFE1 zTGSV%plj`fB(Dgxs$m&!!ndE5FZlMaZXY_<@HLv4gQl%nnq4{QPk;C(cy;KyR%&WmM zIXQ+5KF?rSOQfBK`MKpZAh6d6>=R5IS(%=$w^sA^AP3U$4%UIF2y-T}%M9Rm!J1OV zwlQhN5^dcTu!*7(^Qgv%r$?(PnCGyLr2Q)GFCyG0#y0i~VR*E=MdPNWCp&mQ!-UFe zNly=rmS17qsGfcy$IO)cYBrcS*?NClBy)MFBU>?FW0~r(*!GzHmJIhfC2~Mb(q^sg zk}VA~`5D2og%MF-fe1DUxAluqDOAe0yqy^v_uuH=rZX`;NVNWH!|Dn~orwRDkbGpi z@h#GM@66((l>=7N5#gr8BT57PeVT(yZUtMmCS& zj2kV~9$>ZTLZgB?0KUO)KRL}u2QJOPL-eC~Q_=f`HX)>Z9tm+h0N<95@U2q1@XMWd z>-XrCU-I@9Kepw|VDC*_zqxUmFwYgE_eQqH1Y?p+ z(6gHlUXTjB&A2g@(biK-%!jJW z-w)VhR}4pM1|-= zd?-UvdZS3IZVbAzM>3jRW3zZ?>dT}>?msnu^P;{}BV4BcsyB}9A|ASgy6!0=4N$zw zWIK6R!TaI_?@?T;8uu)O+*#Yep!JSraA>HS@6sj|OeXCEP`oyQvfs3`y@YEGiNKf< z;?1)|2>htx=IR zX=!Y0qWeO63>F=7aQ@zA2rYn)WIep76HVYXPB&HVd+b0mSsdVPecqnaSJ`C-rbnjGG)#BJr#?eiA=@?yyzk<4Vx9VY| z+}7&#ijIdigyiprJp&5+3g4&tc*ce?DgpuRRg|1b8ibOnnPB5Ob0WMGRUZPKq*Ntr zNdEX{j=x%uNV~F{919)p>E%~q8~`9XZ+<2+2Ri>Hf;;W=ra8^z!|2iY=WCV75>QUE zMvJpW{&eTvbN-7{$pQY_&)_t&m&7*&NRWh~8U!V>mO7>NtsrOH>0S+&hPbi1qhXFx z{LHz>%d2=Umw|A#HUptAXwEF+&X=q;Yv(CaqiqBZao+AqVI!T-7e;W%rYF9d)Z zSa^1Frul{65(mp>q8s&1Uo0{6gG7@LJ`Q&)E&`izeeg%`I{R3im%0z+;$K&MSB%_; zFAgSqw_X;rBC@;g#B^|=s&IcVf7EpL+TO3y`eGhhNI0-=vV>k2wc+c~2`1i^oDQO< zjA=i$iVIDI$L7)6*ZA_oNLepyz_y_wTIZvDbNpJ%Y@%3#{}`+n#5^mx*&yhP+jg>E zi^lUMQ{YeX;^HIa=Y#rz3ft18GqMiMd4|ZDulB!}7vOY-SgezrkS_|i*4Zy9;stUr zx7m?D7pCq!&cXf`D|SW1y-u+^e%(Gs!I6+ja~FCPI11^F7TSv1o3ZP4tHkw+>s}o@ z-In@66yHjZEY^#Pa~UDrG|dk=|AtADTrp-oUuhEpbdW3CSEgv?vRI7y%2nx&g4MsT zyg-xbW;s*#sz$0%NM1q&{bawZr9|*t@=*?x{mD!sED%OTJr^jm2`(J3R|%Lq3aM2o zZ9lbG@eh0xF<#Kr6y=H5sgwR%aC*jNr;oj4hxz89_B$T#p6c{EzY>4~v>yA;w$j>1 z1<&2b?O=}9SEl{@1hmEd$1G~yytOu=?>qPrT)JyB$6CZ~#u-Gk<6y>8Wk`Yj+YQ6y zx7?I)R47cCnF7%w=Ml*XBWKEi2RqgwVpkoZA0H472{%~6Oe%%)5R>L-G-g<(+zyKpM5>}ZD!1xzs#T}7MT_4)E>-8>+(ot{P9f!;B`CD- zGhjSyH-h@Z_K5ZzPJ#u_z_7twRVUti9StT$rSpROTu#b`RX&<$;1OkX?PZ{5 zB0?K`Z^Jx}+D{8l*!;GmA5ze=rdPDbck_8dNs0UlGC!*ePlZ>Lc&>;lMcibyhU)bK z9vns^r}_8oo6V(q>6V*}VA%dgHtg_Nm&3(Z0#CuxYxl#XPIU*ChM_~yJ_)MoTG8yT zrs+%}PqPA2ExN8_dTuQf`y}SBYz{%Yy}>*K?`wP#isdtxP7XyNZkS06YNx^F+*5~WOemlvO$kJWwJ*_{rZPuv2tA+9y!F34*oaWx> zlgI7!WYVqWd~Y;!;;cY9jit!q&@=RCDzq?#5qtMQH;$lQOpJRPAXPD-oWI3C*5IdD z8Zh(qqyFb3Q&ixA-F$uQ#jXEE!H0d2O^2{Cz$uB@XTRAP3U9Me97J2WhfNOIL|vn5sh$;a%YtF&{&s}d`~bdLG{#e5zN2&v+t5M|7-M;?0ze)!7nKS8;w zSz^nns$^?%5PNBw0KK# zVs;@s2jL%gRrz$atq(T8eH+Djo;Rl(e*Vv00D>S03AX|e8)^GTm;VipOTOSqd*G9@ zom&Vx2S02CgkJSRwJo#n;sXK80o0zs4w=S2rJNqbG0{D^>2MsEN2usEZcsmGaz-F6 zwf@;MiRC%TMF=905W+9C9lWSd6J?6$6WO*JoiIx)MIp( z4uZe&h@J+wb5OZvIg3lvIvQWVSW42*500RQjKA1Pa%AigJlt z3k6wpEu}?SuskgjNw>~Ie&s12t-{%9iCuNLWBk+Dv7o&R5bZ*|s}XgE7KgeONoVy- zVtzxxg)l53iuLEoLRt&KA9oU43b&@C2dd8`tjx3tI+;r~7>j4ziUB=%vPgWp)sK@+ zlD+j7PvWu+pXi^BnP{^(+$TBP-s?5k9*ICgZlL#WW{GBgA-1wf?Ze7%P_H|6@U`Ro3~XL!ZS~Lf7@SLFN~8R4m;9W zbO{yBf^V)|b%&E6=@k-4Oy#m*5~0Gsa$E6bonhStSI`hqMsN$V!_NEZ>IW4B`()?w zi|mm2ZKpHe!WyZ5EVhG{+T8k-b?1gAL~gGncE=INS7UpnQ*5fvb9~ztB(E-79XSs> z)G2Y1=l2ze_`nx*Ea5$O-2>sMA2I9iUH3ds6)O!wv2Gf&fo2FG1-7B2W~)ov2HP{T z6Y)M(kkA#TSQb2G@~2PvL;dS`zwj)_X|v# zymI@bY_p4Io43j?_^WptTKY|HPzhADA4`N@`ZYKHlj`C*~u_cmfjg z&@)Age!l4re{8%Em9ZYyGj;Cy3MC$fWt(r8wdn9Obo!V`wrmF}m)%TRP8W)~KnQWH z%Xe5+VdFx9>eABEeJj|yPFWOW-HBkF6YQDWZ_EpCRdgT4cvUimpq+dU;uy&EK5E@Z z_}#QasE7+KZf(SP5MQh5+?2(95gr%IX57`t^` z)*M-1^ZLs-Df zN%zxEye-KY)&#roK3}|3XrJr@SE$iA$*%{L=FMl{^kP^=$&{p5HF@cM%O~JTh0>6! zh&+yuhznhGPY(;=@T-A?pmgdm71LqnwI$dNP%LztBG?}EcJ@bCnoV~*&VfdgKMyeM z^+P%|^v177jE3U&_65NLA^@W)y<%ulpv#BV58HeWJ&RCGjM6Ye;2673I>;1#vuSbAL%+YKlQt{jqxsLbOdJS1$(T!f`c}C1JDVD z9X?60!EqU*t>d@fwME1E4cBW=`!nNR=o1ULgPZTHGS*U5^9Xw~J0Zj`M<1aiAdhEX zc>U$Pa77J!B1%$`^SNY7fZ-*zKZI9ow`Lvl83RVSNb?h@^RZnV#J)FB@Al=MCq?U~ zoBuj~mtib~f0na^Fz9^ddY5@5&xC5qPM4dwh=fX z6rcSPKwq5Kg-v{JWMVLgN7G)hsjBIZyFg=;z1fJZ=GS0W_zt#YD5DAI;UkZyg4`r8yyWD2YYl6v(JrH!!|?i!m(= zy+1I)hacfIAh<4NHUY}2q^(VuK8;jFZVzCOAhk*xu7zg2$NB}|ibw`$AL5j_7=#|M;$^=yw%4V#wEsG@{B!&k%JRN$|EpMC_lXjO;fIYoZ5k@b4A%vZAg z@)&*q$l<9fZx$9?kPmQCBV@P86ChyTaG1g0)~YtPi}AEYc)BtzMQu;4qqxqi*G}Q{ z-wx&uP@EM52qLwczXDA)z6>vXT~u(H!U7G_CSPpvRh!jlRyw9$*FoXQ`TDFk&a1-m zO8O(v0)Qt?5w(+R8LPTv_ApiZ_qdD{Y;sWL3g3Isripnib^%$U-y-yg<{VCEPk>W6DVs`V- z_3@RuE}M`d(4n-eG`V6Z*Wi4ENVm+J5(Noq8ZL8!;(MMpw16!-TAHuByPm|%=RVqh+xfwB+1s5ntN;+X>jGWqYJAp|q|vqyf#4|5Or90>t1*if z#BJ6tZV!w=C4aA)E1o+v}V={#wW3|dJI097)eiz2*X-qQ{kv?S608DwE22vvo}t@BB;To zBrJ`c!x(%~tSrcU-&gZF?z-?cAHNAcRe+x{GRb&CuAl-Qg&tq*R?D-1H^2CXtJ(!r zeFFRB1fN8p8Ww0vHXd>XbnRc;Y^=#1*D^^xf0g37XC2{_(DaiKaVQoiF&X@zag(5E zbYCUj3DxTq+&&jdV0qh&P3B9H0uiXn%Bt7or4yOdebt|soz|cd+4j5vYJbW8toMI{HPj(b=Bs$$3rH_Le#$6oK=Ix zf(Q~`dLV5e@i_(ZVGb)3EUP4TOGf^$WCT=55u^idM20rYtSs`sF~Z1f)_|~Y`&C^l z^E`exOuDu1?i`jE$qhLK*q2G;t=D7=4+aEcqu$*d34Y%i16xAM#9R!o=L^$F30CUp z8zJ-q($uRc&>HnyU;3HC5Q%;%l(qFUZuUOGTFV3%g&pa^&arF~}3kPK6Lgju1TP`shWuwU~>c$K$mB?u8Ze z;o*azJvR>fcAFwD1yAj2vF^wvW!Z+9@w>q|#E1gKjOb7}QfF2BJ@@>ZJFS`{af;)g<^eA zYJfICA)u~umH#X-VZn5*{gW(GQVCIXDmA{&?6lb}y+A!#C^)N&OMbr!|L~TFe#x>eK&- z3P{P4sWzGcQ3ldyy>)XRO)JEVJ0$SiVyL%g^%y*0{p;S&ks1 zNb%fW-a&<8etB5TvI=WBIet1Kz0g3(4EY=KrMD-rctV@kt_;JR_sl*$)!#1Gq4Gd@0$dSN~P!Q+=eH(HabfI7^~ERqZMrFUSoLE_8o1W?}` zt7CY0pWREifZGNM17p>Sg7sv8;+o6F#EA56_wtMJ31e#^S2Kqv1t;W{urC}6#v(DY zzpFGI(_|#i*DMi@^hu5V>nSv;vl^iz9hD!rH|cG@a9CJDZp|0NLl)P|n$l&x+#?{6 zld-Xpu@{5n_7Z6LjTCC*)3k#90u!YrSe~!aLHqrK0F4nWMlhieyvG$ zJ6mg88@|W~N$S7q$Sg(QF>H>L>I8yj@(+5d#^xWnB8=sd7d3Z8-V%_nRLrd&Rk@gl zo;!<%69R}a{P!zbHA47r9FN1R&z50Eno>H@mW6e(+eo2;(lYiJv^;TNF3^^Gb z*c$@_RwR8KyR~Ht4@6sQ1%q3W@KWh$w+YX8a&6#B(uD(7fJmH2Mu-2ptpdEWRQ*h@ z&_v6cS-me2%+GkgY4~m|e@S|;(@RHQ&*$jfH|2E!gS7lZ%oyB;Mb*+EloDo@ce;+o zfIG09bC?amhkM!m-i%VOghfR!AOF|i@cbm9&+ z7|ci16tKhQRi@TP2dkBI+BhzEbl=U$#GE^j2102m6nvuu5g}h-GI-)J!|uX zMz=z@O#vG})+4PKYEC8_SewZkg%bo^FW>qHsz3{Ce>;-D(j&@7N;bAPQ~$hSjMo@+ z`hcu=mEy9M&{1Y++bbp!*E^E?8gV^_%--p)x zJwoi7@e+fZwPCM6~Mb-{dF#7qVGZy*q{U*tgPuRW&^TWH$ zRXHs$Rb6xlS6yVa;qYE?NNKVagJ)kG%>|bu)R!6Iy&cHb)|D%}Fxn?HN`k0k& z0>e#Uzl{4}89p6FxHUDilHTtg$-}UUQC-i=)-jOZt z2#*Yd>;0FkScdL^_b+#Gqv;n6jmq08xvabSnmz5va;}%RNEuBUa8cwo-g3rIevwr368(#!# zF>)*rP#gfMoCe#Beuiq{Nb6x7LHyj0oWWT@KG(=vlmMuxbO;uO|8<-l^{<2Ht6E$p z41wX9o~H}x83{MJn~a;ST|$w$<5`aY8!)T20Q0kvXaeWv*<87K#8@f~i}2gnRK{P> z0@!ByF?6{=5axh(!90kzK$7xJ`*7pKhoSMsT1FI~3(3~Xm-^uyfZ@u2 zeToo3@iQ#$v++Z?w_?FYNG12nhf zd_Imf`?~jj+RNnPc~d1Tqk+2HaT8W#mP^%!a;F_Uw#vw)d#)HrZa&sn*U_Zuait_n zvp~#2OaHi+n-(^ND_x$KO@mf!eOLQoKLOA2c)nN}6Lz0^_}f}OlSXrUo+}j9AQ;&8 zFDz+n-#Tl&X$$Or=Q2XFq;^?1u()_+r`B^^WAF_gAni)gVrjl}$MHpGcy>LB{XkJC z;gr}T-c5M0kd_E@pZ7czpWFR+lwhZ4B!nneP1XIj4e=1_fq9NYL<5V-lg~riUlN;Y zGc~xHRW65+9}+rp_kvxRzGu3hty6Vh`8^D* zj9d^|)2LaDPA7v%W2ecsnN@!W9TT{5u4#(~HQ7&e);2t+5J%I@{Ag$%nYt$V1nYdb z>_M`_CAurRsVg#E_0TQ&+3WFc#}tUCO$CMI6rWb>P&0aB$zu|0Y=(z^9ldk=*}7Vd z-M{R0%y_p+mn9`8R=$&{U{V`7(5`9}WsK5jE(L0ucQC9>iqUjuN*4V+ulT-L=yH4= zS8!N%VQ`rPT1ZVL;RR54XOhzG7>;}`{nG4MbHO)^2*)O^f#Qj~mW^g<9Fl#k)9l}R zM*@d3PV=vy@W#lqhdXWY0-m7OvyO^*k_^HLt=`d422SI^DU?W@%V&!! zm!Q)MGJFc7`6UT7bKhtH^9eYxxQKb|U$#UPRM-7H z$~xVFVsKy~{?S}qp;#b`&TP`Yy?zeauE+)9(VSz;#;!>wdARk<&wNg&kiJjR+6kd8 zH^;W!n;6tnWJzQ!5g$Z9=g>vdV4h3uN>VkJhq()2lcuI8>5aQV^?tTvu15s)x4IucfIcFRtiqnN>8)c1lsU=CCVoMqq?~fS zFdD+i%}sOnCEzqG>PH8WpjvL6v_v%7?B^+c`M%8Wh^plP)w{3kuy*RXgGN?wB{!o4 zk!RqBqpyjCg4zaH8e+6v*IWn;u<|hWQFpHH^+c6|c$z@YNaSe|0y)s!a~n0~2fy(U zJHN@of#^!+A|siDcRcM9!a+91x@X%5rQ>B8GX-Z2g%L+wIrtNT-)>0TJ=UIE*~5Xu z9a-2UImscNUl;vCn(2nK{0-FW2MK(!)`|t5cRfUCdBLn;@)N9cJbr;aHrF%%9mT|F zOhOH!>oPo)%-?vrhIPlvcEj075wh>VTz;v;Y#B`r=I{>vetQRi_BCGXri^3qvTnqY z81flZW%AQO1COIH&b{DVNX8MbV?v0WIX5HYB*4oQ7nI`Qy07@-Of%p#^XPOf%QZ^9 z#zegO_P*x{Q5Xs02CI`$7Nxz3UM^bx}sS>icQsbtGwX>{~i69;a zs0THuCO)dx(}b?057)sqrn%;)y>lA&nx~GiyhAV#;(1Mumg)oz+!)4BOGY?cYC?Ix zMTvf(Z|@jqP={ISh|{4+(=`0lCzrPZ%s%^TSp`tN#)SQ^^G&C~23+*#@`|3*_7*z( zwojeCJ0&cvtn{T56{)Lhw;!&dDoK=xQsE!6?zrewC^p(RXt`)dImyN@G@1y$(jiQK zA7Pb^P1us1lv=VOhPtendy~5V`Xm+08kMrIi4G`#zI~Ff?DX!y2xj94&E1i9VUJut zgv$OhVkXQZ<;Xum;7(D7OJ5N0@+eCHfMkFU<8Sk2yYZdtmxS4FF;GK|r6T6CXALm- z@*&M@?j6?4(T(6P0_3~I%asc(8uq300V(zr^ay)`3|3ASFrZ#?=&|g7$P#_H21ig9 zYB$x(oJo*+NsaJd#OwptIt89r`Pn6rA}B0}!zHXGcJq_1e*1hPE)0YVe^Q5lyLzJF zZxQos4HlrGqr%E?e_RFU1Qi~dA_a8rrPFay5aT0|ln%F_sQO|D$tsBbZA9}6(Uj=i;2bEH zCd}obYVSiHJPJBS>F9{+_4f`$)G8H>eah0%IaW1bDUtI#pPLVI{23yj*AmJ}0XBx! z6a3V2C9xIZM_+0lt{X^qA+`oM#$d!MAm(gzR}G<>{bOueY~{`%e{@659*PJ6b%wi> z$O)S7_Yn=u(2|!=ueTzLBU>327$%*l`mAa)9t5xJet5W=(IMW~{A9~$BbNVwwjQM> zG#(qtDeXqw)__1E{_bVCwR-wjRB=$o!mJmirbY+C)fD0a(Np-m!FkYGO8$HkyEg=?tv{tPzPr#2$16h`RfuZEP0p$9Jm4z;hCEM&hC( zM*gMRNo-i?dErdQdB@0IMs{r?nox6y{V+vCvqigQtZ{)Wl#oAlz=51+{D#xsWAk>dWf!v_S~3yh zOi_BPBew}JHFv=>LbQdyP##%z&A?NAaI*fsYApi&O1ZJEUQt!vz4|xG!MasL-ATgH z0#arKcTEfAQXIdAN%b6vCIg?(XB42jaZ`6-+{ zQkRl?^ynz9D`am?f+UNQZ)|JVSv~;iCgJS@=kg6Hmk^Ne5&$K;P69NtX;#Up$@d;q zP;lo?N;>bMpQD>}a#(zdtoeJrtN~y!98`e5Vor0q{6Ln7xO6$E#ds)5RHMdfs?ZDz zrzgLZG_?oj&EP=2k3hU*uA+60Z>GGFxR0scMvly&v+sG%_|xvtEFN4+mc)h$X+eLh~tqj-P*#$Uv#Cz$6qdiRo>V6jF^+gf=hy4}-b!*_h#*rUa| zZ(HW$7Od1BOIfh@?#KRkmSU+ZFSir(3100TgHdRN{p;3IPuI!D>xf`-kHdsWN1E&O zhlGS9*%LGi2`{(n&hcM8X*RU&tyybPJ=AASWux2o93lK%#xLjmR@SAB_x1J14&1*p zQjPKlq#r!$dp7&3GkZ3VNkG;7X(w(80><@n7q#e5{_lx#G5(3Q%TQk%EVA4RiM4(} zMu4bjdnTU8DZ(4yB9`2+;=a{Ia<>*5JnIanNntH$iytWK6BABmNnaAE7W>sa|v(*{_pDW>6c6QbE0liWr`>``xVdIAxO#ap>nV5l2wZ8 z=4$E6siuZBq_$b>c#F6R z8s`ZrXxSa%yI9ub^%J{npRT+`HMGU9SUkmwsjcs#!dad^TUR_>uWJfKeMib45>epU zvV){OhOU1@s{tG3C>N~
gmQ<@QgZ9x>`j~bgGT&$z!gjZ7 zwL?xslIu{Y3{K&tacMtXZR3Khf;<+Xl|!fs3NmvcWFd~HaD0shDfoPt1ZTgLteEBY z%Y(cZX?aj1DmegGuUP_Y&@ul=`LOrx7L_#EftR3FVpMHe0GBU6oqe%05wKhvDl0;l zw9;I8MFz=Vu&~?=_}ugju5v)vVHa=l=e*HR#c1J3j00>;hmt;W*%3q18w{|!G3|>5Kw7X zu#MrA7?Ldwjp&PLI$Ax8j*l<(d~v1kOq~vw?mMr#rV3*q_NjPgiEPy`np3aHWq{z_ zJJCZBPe&(QFddfGU*vozpG==f{ZCXe-9KiYpE3E$-EjfmBmc*ID=-1)^yxFc-|~uE z{N0@?+EP zO3zP!5vxiEdbxHhyrIK}f?z+ff4hz`1nljw`o_bIHFp2jG*&QxZSKL?W;h=R!Mo;|2^8ll}xsYpiV?5#67&_Oo<>c zgT5@rygZkPT;M?T>>B0k18witi+RNl(dfC8S(YLQmYX~TRKNxF@!(g(gAUye`}Qn1 zZEswfS-H-adEru_c6e>eYLR9u!G*Ij?e=%M-F&v$Qnzga*7z&4b(h^S}a0Q0q zKwsRSt#$_PR4_3i5bpjH{P&cY<>~TFxpUQyg0|=!xmo+CJEj zR?)WQmhpI2Qv%jmG;b40>;L_Dt4ZDlTWt=>^exp&V&3{?TPD;`wSv)hTr<1r92t|p za{SdNuX8o({l}_ehgSj$&tJj+=ll!B$yP_WExX|iD;}D%;SqAu7Txo;MxG*A{MS5}8y~Dd=Wk;T zg#iE`DM_-kPNd5u=gLmFg z0VN?9u;KUbHp5ALv4yaA8db)?`R0q|hj%0b*Eoh+e=uVCpWXlgszhhS^NkwCq{^Dx zh`88?O4I%Hq{(-S5eOW>43~qibd)`k7Mu~+WU+q(%Kskog}TUI`Rv%OeBAFWIc_G| zJfd3_jBb$|$x4M6jyZ|qQ)J^(3{b$`{66~3a+1aKbdnvJr~Mev%&8_~HbbbIznPsNZ>urJAST%{1sSyUl5%0A{yqMW-S|LTRW0j{$W=c#3ztB8dp|pb z_C%28LX~R2iW`Y%^BQrJ{kdD~95tD*96o^Nd?6^@VjzmBpM{L-RtyYV{7AVO6di*E z^Y1f3FRDlai;KSHs3Jr#b$!Mdqv5DWE+co5z4-@ZQ(i{e{6$3N-udsWq{zS`Zma`H z+5Wx&7e6e;Z3;;XR&jL2d7fh=iyC|yR&w^gv-gk1DiXi~wx(xj{O%Fdd)I|&Ij3EB zBQA;N<>kZ9>D6d!!C*0pglarFlWYFx=8vdxvPLEYi<#it}ZDxA#h z|9OtT9xBBY`eI^yOd`8%-_HlhTO*gLzAS{vfl_u58&EFa92&MlTZ#SO1>KM76TYlw zPZ#+9`exOV8of!P+^s}N+emCV~WDplyee1?jBNA5)v?J1hl z#YTdmjTTXo1HXomG2CN#Srd%0gGqLED#bkL{&Qyx*sU;cAmaCiv7b^3xF~nd82wBU zqIE;kOust(Jr&PcHqRaH-;?|w8~r=gB-BNvE5r58w#Q3b91^RMCsMmK!;*4*AQ3b2 zQg@FdY0Q1+|IuxTE^y=CP=bDGf>X2F!%J05s=q&Lo(SP}Tuh?e^CM|xODW_@ z0Uh|4=V`$)ah7OfIbD!%jPqaa*WMD#*ghVw|D0vKH$_hzVGgw=(d1PdB(w=|wqy3tTY8hlx?%ReSot`E^h7pS)XZ z9nI>-hG=uMz~+{)X9Gx(XD;jS308!MU0?gwT^UNmpVh)AUM<>4R}jZ?Br})=&WyAi zuHQ7lz3e;3xi|BmpDNv!=63O~;-rhHYQ4B*p~=ID<@yrvKNd|Z2S+xCdM=se_}sjC z&?bh<+dPq3#rJ~=0L7h;>Ev=NzJ^h;vPSODlu95WAwiX4)$_xPD@eYC5wPc}tG*=; zi^x4ZJOnu=;OTsfv}t;L94LJh{M~5iGTf?CPOQb3PAYskS8dGFb-bj~6|Rl0^7k0~ zU&CO!%U&=FZAyL~pi^R@`GB(bJ!dL8R}n3{;=jhsB?m`fLtC57ZD{BnxXfQ(S9fV? z1u*>Se3O#d>d5>?S=T+}^__jbHi^nAyLe6DO zBM15QqFkJFr{h^HmR`wL2H~%t*bI&+DDmK0?7k6vbmnjbDL))eWf3avTqL@m;}ok` z9v2-KW;&8Ul`uVAuW2VvU(_l>&o7D5dogLKb!_WUr z{l9MY3#{j%j{pyAYP$>8Ty$u(8ei~(T9W@)WDojnn1Q?z6quIL`N_?SK-yoP47m?2 zp0o1zw|+NyE*C}|`al9*Uv^sBAlEbS$t>HB@~92Z>P6LBJ`G835_<=CRSe6}t$rLq zS4!Q*lxtJHgK2vQ5K)|zAqqJB1&a~1D-c8B2F&$M zQIz7X$m$F_5EmQeijMS))HRd)=Y zD{txKGQV;No=g#PnwfkE5D%j;?HOL;Fsu-XfkX)>*LKGUDWrB)h({@BSOWvq26}s| z3cu0nJs$@37W}ieHKBf3aS=pA35~k{|Gf_b);Lv&sg$pt>0KIZ6C=sdfsHoF&g%%}tZxoGw3w0{CNrq#h#A&(Av_IYWoY`rG=O zoFYDmpN%t=5)7z1-%ZUZnQ$_$IE`>6o$kJ4gs>C7|2@mQQ!W`%Xydk>`gGEhHc4-H zKt_}{hk#b!-{`77z|GBl*(w^5qD;C|$kv!nz>!z#n3fp($p;2Ts&Tf@H{$zCH9rHO z&+)cbVL?QDU<)Hl{WLg2P&VJxlxqL8&p%7sr(Z+}F70bd--t@Ke0BOqsbMaVt(J7T zTRuJ9zlQUdPadX&(SgV|4hhEY-{0HPlHW88Z^>Jw<+@A+i&WthqQb!*h$(#bbHvfi zrQ6#1F0b4U(?7r}Wur=i=}l}&zMbbE{VO*Og%XSxhp?U1b?wP+;8UFA1w7B0Nd-U%@^XJoJ~3^s;Qjt%Gg3R@4b~1*!#P99n-TG=@g|( zI*DPDx7}fjQp1Cg*Nri*cw72N&<-`5uf_u|stp3KTq}1%c@$)l$KR-EcK6_lL#0Hs zTb`dKg1t|lecKoqhd!=ZuOPM$JA9w^n3YDJ>DRsn2n#*{iR6z`pI$vc_#3`e=Fy@v z7_HqS(vg$5b%WrvWu@boLDT*n=k=Hlp{M?YoR)^nOOvk9oY=0jNM;AewZD%K3{HQK z??#`2fAPhEe*>`ai%}>T-pnUhi{nt+5~G$*CCj`ulId zA~NRY

<+@i41A=@H&vTvZ3~c9qX-n5rRw-b$ZJ%Z;R`P*_2qo(Q(A9(gUu4Y-4@ zpYhMesEGC_8d~S;$=${l(Eram6iKhZ_HLdS;*DlTu82%SGy}pxygt~OD0#B?$I4s1 zc|I=#Pyd>pX%W*4mAuzwLJe>Wyr9~RL?M!|GW2ity*V(4|)mp`#p?l7FD-0e_QF!nM zxu|v7+;olugRANO1>9JhMV9zt5p|`G$CFIpdJoR9+G~X^9mry!&_(OhO@XBCQV+Wd za6R}^Xi_3Z z)<6~TCh``JTQtSR#{HW?`{m$u4L$VJ!q+rFZI}= zqy3HZ#P6y}}O_rI4R$T~o>9 z^fYG?;V2{m%rQ53+}|yaZNHEG#BM19Rb&OtUPIFxRUSRe2JYw#+_a(J<(N+Wg>4?J zuhg%IMwJHIv53rVn@jlJZocWSBcVsl_F(`VT5h}RLi93lc0PUidqbq>ggNQ=aJIAm zueAvQV*G{jR0P7%`?AScMxG5nZz9zusd=g6^S2m@b!VzRcpo3?bvIqhlKj0Z&Eh8El$7qtR)n7Xi0b-^m(QfBL0A*Y#N&54%wT2>-h?sgMrf~>c*0bJqiBq>9vTq-Z8 z+UH@|oohF4dLhXhW8a@=0rH7g5_*&qVhnc^blk*l4 z&u`~?b&eO+%ONNGgS;quJ{9NyOrICkE|1+vN8h7&Z4X;D8RGckxghFN*tb(+&t0_g z_=F=pHxo4<^p34Bk|uogf15>fCU|E-p!YJ5L4xXw0*=p^LCdgieh3dIl^abCv$p8z zyyE4P1&d4saA5oxeJMLA$%YD_5r|;zlj&fJfZJ-iEOLXRbKi<6KnXv4b;gjd*bQ$t zpg5-~IIi$pLyZ|!$(L^uuM-u34+xtY#i5pCw?8)+n6{*M$Atp~X#>o6f<11}XfDSd zP6`VAxZi2ohu~gzCtEk5MqKZ9_7yzWqO^R4MIRm@b_#Q-Yk)RNDmXfQPCT6z3*2cp zL~O*|L5_Zy5P0!z)-D^(L${^`c>ShkK3tL85+2uw6Z;wRgRh&6WSPr7#ul=A_aWkw zxTX`=NOUe=KA(MPIKQgNVjfrM+8U*VB8qc)74x}w``to^$j_#=@}&$djV$MZnj;Pf z2Y?%|Td#kRd`VrLlT+-ib6KYa%QZq9KdjFlm`+Uh6{#D8)oZ`9GNUK)EJ4BJ7Ks~X zsYO$gshD+iVucytemf;R!nD^*!=Q=Z`$I&LSZ+oGc68pi3O%k`CktMYj)(JM1p#et zNTEXpA2{OlV3s9L>HVl6pEIurISEC8zuOOh>ykp=g3#_wF^DOdjgY`w4_a9giDyU*K)S}`G9jB6S-gmz~>#{iA z=XTJ|qCW?Q=w@_ZqLa&+aW)*nRHNxFJG!%vVYtaB*x6tctG*YtlmOJKTe2t&K%jEh zdzB+{?9@_hbPuS3cbj8wj07o<6#77Kbx%(Joce#BC2ITU(goFZl{QY>FmvKA_Y?4~^}0 z+}{v@WMEg&yGED#h!s`74?bb0KLcfBlyqaOK z?f?EV;wc$)etUOk5M4njAst}h=Z)0^JC(@FI^&De_-bJe`cN*!mh)Qy>S*8gC? zK0icP2cI02Y{S*W|K|(>_QrO&cP@pAsa~$CAE>4@1;HbaARK>&Vo#1@_j7 zygG7pUin4*gO07Bin7blGh>?bM1d|{T+|m45T*sEbTw+O>rG?`r27PV$4gj=m zNk=WywM^?vd|!Bsf3*N8su|C(g@(y2uh;hM>z=2VWmHR5K8}^vazAu)T^}#(SX55f zohF}ePQ*mYAHpal^G9`u)rCCYJaO93WoKhQryT8WspvS>^lh9+2;NQVX>IC_PcPzR zqPG9w*nBCkl}Y}wz`hx&k^M&&4A*V3leogvwakQAo0z?$!?H#XUi&?(X3J@bt?}C0 zv>VBlV=`Dyp#yL@?5g~``WR_)?s7iQ9oU5H5pqhFFq_LfAmHnBv+ zfftxVpuivIAc4|W9df`se_V8E;?5W5Wda+hWcIms#S!Idf6fmh6B)b5ucXoU-sX3; z+liOFKZz*m*r8IUCA(XXvpx?upWSvVVSC~ql)~&3%p&5}*3hk;(zoHxw0)|$?KwX2 zK@pwYnOcbjncV*f;Ffcg3GWo+V=*2(eOd!tj?p~4Gr<@p!}3Y zp82GYRwm9VyA`XeWYq~t$|+e=)}TvbB8xX>QT7tPh7f{4Wg4y!4A;e#V1 znLk9oJZ(Voby!6Fd(D?Bpxr*$c8o6jhfw^vu6x3Hr}oY<=--NX-!5FGYIC8p`k zql_x>|H<=0VHcl%VJI}wZ%eX8`yV6%+-iz#au_Q*6X^Wy4-Uy|XSe6&k`eO>i)*!N zEj|k!tLEtwQ%TMC(Vp{;an()44K3X^X$AB|7{omD_Rixg&@!vtcO9vlEZQ4ewUTXZ zqu>3pD0;kP|M$EjD|0v`?fz$h-3HpsL~89y0d*94E8hUO)v?zqd37E{u2WnL38WALi+Qv_P9;QF5vR5o!8Uw= z4#YKJ9fY;b^C;3Ba2KbW5TsMCpPj`_6xY@v9TJWKcYk$sR7QflMhv?)$d_N*r2BqJ z)2sd)*xqkzdwY)}ex=?^QG}V07=2ic(mHK@1rxwlu?lC43~w5{Ht7Gwu{X$*bqeguO~0~Gl2!RkS*H(W&ymVVLcT;8^BKF2h^rX zBs#x$X*XA|7tF@NmD{Xa^sy*{lJ6_VO;*xQzD-CU(`@dU@>|fqL1$VGo?ZuqX$r9E z2v~r=Y^RX+)IN*PIYNXvVqLn32!=g1OlP8;4550re+7Vj)|)?sJ>PCBtVu7hl3I_5 z0QKL`M02h&H7f%V3=kbr5`vrzoB8xmD_uUUd|XB&@NY&FD+>FRv-qQ1H9IGQFC=s=0}B2_#`o?%A_+UFJ5^ess4%N7Lp!1^a%U zs?<=qcbfZwrR|+N@HL`%6?O4-Ju#-nNV7D%gJ zMu4i>WyziV%0w0PrVsj3p?41{B-1{x5lvt3eAyc-PM)`hYE3E)C(bragSTic+WR(~ zj+jYuD`C1xd7)%p%6y){LOVl;5b6RpJ*$%?KgVM@(xX_Y5S}HJ*t6axZ00~Ghw%ah zN-wG7SAv7P^cENWO$(v@7{=ncYr_?s!*QRXaTIzmM*z)p2kpm?mqbTbgU3c){Vyiu zZdZ%;9jsXfn!rRNM>GmlFq6bgfWlmx$cA`S!R2N?j`|6OqLvQ2&hE*HM4mOS`}l|V zNOuOX{DU*T_pD5^Z($?pneHen^8{*IQLF@4+zi>k5ero=h3BimX7gZwB6Hcaa3TtH zZ8L7iH5~F#5-#V@9;+}@B{Jr3wu@b>S<(GxLu*c2o4z?p3%HD%ppH-hzJ;Sg_%UpC zx7}tmIm0^ko@$MV1tkdNrAY|y&1Y)ZEsfX)ER26-*UA0A)h3gE`=+>HNH|>kzxckQ z8Z4%E-ADRgk+A%zTaMl|Yt6$*8DEgLlub($177#gmgkajhD>|dU^BUu&@g#r0E=A? z%;sMfc&R!`ygx^*n4SWxK~d$J^YAP>E#n+)`?;rZbsT~aK;Y4$65}cA?^BVcxvg5O z*Fdm3wQXm!Ldf=zA|~|>F@EE#B=!)ys$c?8Z*FTQ+$D5kNU-J&5W}FXhE_cd34bJ{ zF5d{;OekMgjriL#WCIClxF9w9eDI6;EHA&0Rm-<8CGo}wV@=8A*NqR)f%bcE{B|oC zN^_vlTY4ZhpSoFjE^gqd-wraWh!j*fa{_3$(hB<;)}m9ANfBHgv^_vVeay(uzm$hH zOpdvPpE8Oeixx0ymTL}>2z0aJ4FvhEspn}gRnNNmUdS_Pou#c!ealrYo*+grEQ`$U zDw!vuA4yD%m>V3{eAzAEpdTdRi~jkuSOiOCg*{JaMpNcaDpfL$BX!`%Ke+?RKe>ax z31-B9&PV?)q#`&*z9suWFDLNwq2~ayF*(X ziWPS+MT@%@cbDK=oECQ|?#12R-QC@tAm7t7bLO2h->)oKS;3FmlNL7#~w|&?On8at}Fkd{4`)@f_jNILH1rhj- zG~N(e)+VW*;&aS4o6`$$zVI79tWiis>;SP=4mx;8&>s1b#0APjriLlSf!dV%#o9~k zWkm`@zxbIOJolqb9^`;FWS^U}xB@3gC6&fv)K8rlWeY}Xb6n4Oic2Y)5PsufuvnXQ z-o0G#`f8eRXr=l`zA=369SJzM{(b9V6J$F|Rh5Puzx!gO{;x$*gyVY&R#lwgMzyd0 z`?vYm^55G3rZXl)Ctbdjy+9|qY86s6CUa~Gx#3I_tyl6}`yq>+%Go+LjCZ5b`W%W-i6tiSGi$)1L(u$OFIq;}_ddF88 zJ+G5MxX-lv9~dRKa7;1c-5Bh#;c;S40F;&2gg_bCBIBR?6X?6~#q>@^(NS z&S>9~O{*+p+r8i8I&W0#k!+M04;+$HD6bR>X#_{JOe!&va5@E+TkuSno_r zWTUCdw*}yEcE8p7WQt)%^+P zAo>1c9Uve>d*|fJR^8)zXm>B_>0ugdx50UMY1btSM71jk;d@&y;AGctsZW&KFs4+% zUU2oQwWHNKxX`=(1jCa^AI;h*S&iG&m8DtP2gJqY9?EBnWQ6Cs>NJASPn;+Xju%1cCONcUVJ}Bic zp#*oN*@rbP7s_$0a5tC+FFD#_=_-)Oq6zvU<;tWEy1P5yytcdsW8_l8_Lt6D^TXb1 zeJ<6gQ6euRal04l?6Z_4dN*jfMVcyDrA{QwpL&{VOC0lnCNUf{iWal#b_Nw!-m|R2 z_#U43P~?-w{ftNO$(l!s$o9g*;HwJy<&u{Dg_ya)eeY2)I)5TuUqHnIJ&vx(GH{#u z)9Fh>o2f1w)c;l%X7t@ih9?MeI_4*v<@?Z4L`TT!EJJ`)Z)pDYxs z${i6lxTut`v>!JXjJvmhoH+tGJW=&v&*{1QkNIl0WAa_YE3iiHAcfDJOxNOpVAfyB z330jk;CT0cZGrMNfJmtaFyzsWRQdnz4y{DdRyn$~Vwa*Rbtg|1B9slh9qg%=2&0*)@J>fG}Ag2Z>5;6F0h8-IF?{(Vr z-;X45WXQGMJZ;UBv-`Hxc0wLiHreXnRk2^O4Dud`1aApHd&GQpyAXpi>%EpkhCtRa zI+yO;gASIQ%6b?_G00vBLo&LZWtybDZ`Y)&>DL@;jeO?j^|-!w1WilI$Yl3O#XF#6 z8L|)mM!u1=h2u-(d24j8q~2=Jb`rT_avf}smzePlH90nRlSrLff;24QW4>V@=Jc~4 zOO;T6`-@^|nYZPV_c>V_%Z(upD7xI#Vi-lFTKHKBM{oTkCkp*8TK!n4EY*lkm4=aG z+Qo$1F{juaZmQOJ<*nDMnh4$I;?x~UqLndfrxPK2!;|*D>7TYw)!rmcjm3AJbB#$A zoOsjX@@L_M>#lL}_ROseIvD(-^PcH7dSpglyhp0u58(2ksp&$Zn(UnaO z&%p^>BkF$~#n`ceRA9)=p2)ujQ&o*4E2j8kTiR#YoKsHmz!gx=*|nkLAk0S~r&N zA+pb&+QQT{k8(?Te;a{Z1Upm+eq+^1r$#PWiG32WP}FgzHF8MLSXQ!tqfc?q!)6Q< zfRXq_C8g&y$n6x%61CLY5GAh<6eV#~FrB7AKJxe5?o%fk`ou=nFw=bMD z{k*sKDW?9?dXn9zRyBFnIqmBk4-`V&yq63jj}xX8LlNpC8(hy)%5w7B@cJER2gQUT zAS5ow>-ljKFeB=Wd7YKCNI;e*1jsq(^Y1y4bn6Wwo4){jQY7X+rJC+{l=qtAb(x>} z_xi7@+=gZq(vC2Q)3YGAS&{`z;xRyIUdLuQrOwC8%D-H+U|CJ16^A#(oTt8jr8rCt zgA7nZJV(t$!V!0>7f}V@>@-`~>yTA{`=*xRPFkf*BJ(hH9uvmEqiI4hn*% zL&wfKST_q8Hz}j1rjBm0F3EacKM3TNGlm#fUaGVf+2=gQ1xp(0vETlR@buoj>0Gw_!c#q>^{pygi#T7_4JULsFUt&ORnTI# zj5V%ar+b^NS?ippI4cSOk`oHKD96buIWe$~d7jKWgbBLb44JYbmjwX3v5>DjFW^&V zUhH*bWdeUeR+rU;Tr-2|2m$BtbDA)HKR#nH$_WUoKOUCO)%O97g ztLj89zLRRtAlhKAJ8PAzuRiPfndd+2a=C3(l`Bd!^2`5h`I3-d2s(i<;%jMJpDl1ZrPLK&s7_(o@u;dhgCULX;iNF^qZ#%|+ zl|#_|M}^r8itgH-2#FaRYp0#ic?H|l*nKK*d#prYHpRkXxIUeUG4{S_KyV8Bb&%ox zwOXw8zmQ2=XW$UM@p8T;Z$bFK3);U}tSE5z4(x%#U3`$x#v+T|~i;f&A=IHRWG8&DfY1{C3c zE7gl|dhz;-ueb*f?!^4iA7QxZju}I<$4%pPQrN*MvV~P1ecNnwqyqHUQEPxSC_rca z`A>xb5SwT%lLr&JDsItLIk_6b(txGShA$-DRx}&P@!O4t{x)wLI&|nVO919&TPskl9WA z`Wr6g6yeH&M!(M>RP)lU(Ee)P@f{t&rrQj`42S~yP3SyT(7giZOfs(bgtiCOh`9;A8(f`k= z2ft*dtA0e@yQYUA+8n@K8VV_D8~6+U*o80qqD;le7vk*kT+dCpeF%?WlM`R1ut@{n z{z}_FP@>caVn^AH;8+9LsYi+i2Ad1}I*;^J(3cB{mq3!N0x5t@F4ZDGJgCEwr~q3m zH4RNeYPeDmIrQJtLJ12}M`v|g`?@2sBAi7|2AWh(Qj+gKxA%Wd4k36o&e$bw2s5Rj zzOnbZX_j7eo*K!4vI=&bzYyH_S&pYZM5j4^KSu`?S%A$v2ET!Fupnd@DC|{R!3jkz zQt3bImy-_K!=rhiZ!Q?&z6S#@{_AdG$oduyO(E5PM)cR-N=pU-ZFsa7BijPS@a=*r zcFE>|tGY0gV8`tPsAo)h$;DV+& zBv?*;K=R*P-rxLq`B8Ys+tC~;KhJ?Ne|c*(*Lb7d@z5u-KisjMr{Tf#zkj{It1mQ2 z3i$8qia$eQ|L;G4y$ymKSpb5mqb^<-!#aWek?p49Cz-F(Yqy~kRQe1EmuQxJm z?-%&{vr!}azA1+!AdD5$U&V<^&c(qRuMU6ng~|Q}y_yh^WPg0PQl5)FWQ}0x@dzT$=h5`IgJ+fzj)UITUatA7ll)HWZ=Zh^Uf^Kv? z6s)nB$pP4mraMJ!%Ge?e{MP6mgEt31I{qQTfrA)>7j@qmkLc(Ie2%VW7t&&+*7kxF z;$81tQPj=TRUrXv0n!QRjCA9j2bnoLv!4jqM!%>(F+Sfm9WEEX-`UnL1gWh8y1_zqG(9B_e+&%w*gfFSa&?-iQY@LmYZ?)w;5~N=P%AW9bF8) zXV~@k-{Yhp)1Rr-J_djE$AJ8wsf2l+Elhx!D7*1QSqEAp`Bma4{7AnNrGT)b3ppa+ zI>z`9T02zX*B0)F$H(~ldoWm0O$`qyBO^(Oyh%Ozyiv-7xlbh6V^JZkH0piWb2jYJ6KViUxhaSOj0ie7Zot+Poc%i3yo6rFT%d6Puh|RQ3=|N+dT^ z6qsh6U}VlXR>GoxRet2-|-mv2j#I4Ls7CG(oqq;JiA@hMiDAtNKo>s$Ve>6o_Rzu+{ZF zrrbj8Kqv!*)>#zqQzor6K!JS)-FaqrUXAg~po!_9KZPu``p462i~rG_0qkUjx-#uQ zQG|cU>#*~Lqn3bi&5w^HoIWhBOF-E=obsjR=}sW*poor9)h2W7_3}ueF5#_kJGyUv zhG+UJ2!PKXr9Ds830}vc0kO7u5^vQg$*KnZi{^bGid6)mn8I>am%DPS3^cp-YLT#0 za_D{Qc@{fBjQRx>kZ`0Rp17apx*v|>Vg)bKlq6B*QKbHJ-27{~Iz!epU+&MY3nN_L z9*?xtH)}nzP$jYeG#{h3Pqfn)GiDAIeOrO+tf0|mj2mdK_TowGhB{UUWzyk`JE0t^DBY?B!*R&n7J6n%x_o#A+o>($R(dHk~7? zISvT6nCA8>(P#<6`S>Va+J)J_>h5@Et*f-_^j!w3s`p*sKkI@!zGOcW6d_iyZB6&F6 zwr@TeoARJ8L}Ta)@UejOb^1k}BgBJHHWhp6z(P&8@n*+3z0xc;#_lIeWIUF#$CE!z ziKHrm#eDi@)g(2AHES->qHt`6$rK44+mfx{U2=r7o8Ad^(P~NlSE{Xh9e~^LkXQ7z zqdK~~;=p7yUFwfjN}Th-@<8Fb|F{Yt$T@$1-;}%C2Hj@W`<`!{* z=OI3`ki7*bcYM6qvNX@v9RsL6ib7uFUP~2r5=)w&Dy0gEd3h%%&1O@%978cbrZ5Ch z&671&n`~tMldaFx8I*Jca%ja1;5=Ncp_?gIO>n;acHHQ6bO4a-8&oG6wlfJGG79b8 z;^Ay5Vlb1r;A-j>Wja-b%h{^PYpI6S`~A!lfVi!oy}h$D@#;lCsvL->nrt$Bd%|uI z^~`_baHr+8gH2maa>!;NmkEJ;%aOdEdMN3%z3Zz6eewCuw-U%nDR>lky)15AyS@qT ztnuJW45X5to!bdQV3vZL57i2zNFB$)BGCC$5do z_e|pIIn2nFvw;=NoaLo7mFL)lolq$M18+>%`_*ttM!o!bGS%V=#je!lbUNfb0_^$h z?xoYy&DqR&b5B^Yk9^AsJ6hu1hB)n1Wu+NDas$ttOOZk68r-3X6tp+V<_}wV<+9z6 z9{h`ERLaEbw03t75^rO1t=SFHYN2st1MLea3a~#(i5@~`w_e6`2ND-6yGCUK@#eIj zKoD~$*JCEJuD3}=+}gY=COBnN&Q?qEu&t}_7v8hc(1h@vpq#TcF7J{sqh?m~UJ&gs zWCt(8ria{XS4Ea%fB!vNLO(|T|H1tMa8|Xv@wxXyL2aH)^1j#>p>S{0S#z#^JYHb4EgeV};EqoPNKj2=by0Nn zHv`f%Kc83Sv|_t~AW`OgGQ)~&q?l6pQBHiT%1bCxXG zw1_dRd9JyJMyzQ5LP1FPe57H6_dD0h?praOHe1SLeKU7MYeE!$eBAd0FdS;i2>an)W@>U%^OWL6eWI}g_2twAy zpano#SC;tkX;<^{y6Qmu)g5A$<9+a&*1Ktx+BH^ddb#U5o?n9N^CkS%2y_#dpu*>szGat z1Fm*@aLPrK0BU@^&ojgJ>EMEjhJ$0yGz^Ax^;J=hPsr1?b77*zR53~Qt+qqj(17*y zoZ;h9M$dH*ZqZC7r!tcweEI__!M=ezTemCI!C zF!Z}bcDQ9@Mk%5-!txg3h_L2Qj(pD%CVtOX74&zBIB4Xnx5uk8E@!vkAMmIZoXbKp zT{YlKy7C4qL){I>boDuuhM-dtp2c0SiD!Z9cGpISYtEE4p4^?n(;=#Sd0iaY5%%jv z@JaH;nKxB7%vxg{fC_f}qCj0qG1QvGsLYsNg!kTM0l|}^FK(~0(^km&eZ<87Q*G_@z^8uOP_^`3RA8WbzP-MIRb-vz=10`KWHB62POHg z+?S|2&j|(rp0uCN<(XY{RwBhtBpgF%pg*9@l_-%>K9S;fGXuo*#w==q_>cjr-}1F$ zY@8PTZ)&-BIuiK&`0!vUG2&II#bd*H!(VQzsYyZe{*ps~6esYm%^m#DRZ&tOs@u+1 zo8t0=(*uMqZC&{U;e4}*`~nva9Xbyf_eKHThV)w@`N^B{w=s64-skBJ3;5c-{JrPf zTmcC5hMjPI;gXIgR(>I!4-UovJ$oL7TwG3%nAh~E0tz*rL)Uu-4RoG&6@n=lM5O?B zKH;p^krWaoC8CV9z-bwImYeu?^D|d!W|!N^oQ@Gwd+r5%D5N?8G>omk^Knv!WB27+ z9aI{WM^+N8eZXM>=3TE|&{YuXElecGZZEAHya>H)MFf^ccUImV>RQnSQP}Y=r3BWA^1C z@9B^-wgT4onH>0Q```=7DEvNz+j(#4Vdw0~CK%~i5hfs9h2M@enQzn#!q!@GzS5LSQcj;2_>zg^epzCyo4 zvV4BK)GTk*(09#jZ4gC{7ulxH+81-%SoTuZv+BG^AkID>M&g|@%6epmV{qDJl4{rH zL+%x9S`MpavYUW3*y*qvZU#(%mkauiD%iKOcu=C=RdKgTFh7ugmE(YzUJQvekjCJT zG2b$e99x;MW)vF*=miqXeg5|GLHv}27b*>&t03wbd4Fv#Pd2FWmLy#DmxmhUIam9oo(GmbM@Eu`X;B7Z{IN* z8r&TH_!?#Hd0I#Tq0p_$z_bk9oRK1q^aan`w>EL2FD;=apOAJMh<-jut5+3JPM3zU zh0{JlbHLF)))!UnJ8!^v#_mPsg98$$iX~LpREYKlUuWgx4_qA70dlG~1AXkr{V6Fs zvDfq8or!Ey=L9o_iowpil*-QPydGcN4qqR(Tr@84GCu7uW;qUEtJ2H~1h`4nV_bzgVj{g|lRRjI{gq&}N5&K?PXe5P#fQ(Fx z2UnUolT2E(90-08xLS=(NE2tiB4Mx9&yr2Bpy7O{5l3;VCCr0!zO*GqzT8P*SHOe= zYWAR?zFf>Vov}ENr_OXb)0NXn^)5P7oaHb_El(AJ#pS_8v~=Fr+u2RA{`5t)T*r#u zaN}Yis_>it5lO>JR5pJk=|rH_^lc&Z{}zk|n&hbs)URWs?bZuUw{zJK%+AqQL; zl|!_b-G``w;AK2sc}iZEi9`=*#Aar%fG!p@kp=&)GgeAR9oGvZCy)6^`A;?#-yy~z zznf%>M`m(4SiuNQLs?i=aYB)Fh93{SmYz>m0W@xl{CDq?r7K_ z6^0bnF{3-V=n&b!xMlGb@^M|?fEV}Xv>|Q2^EM}Wqs0W@?6StMeE0R1%tzl3uvzTI zvyu;z9OxhlMb`gaoz;@QE$Z4P86}X#QD_r@-;@|w^T!B}dXCHeH!9zOmF0Gz*qWC_ zwm6dN-tGWR47|Z2EU8yFW?SK|c`r*@Uy69R0_H^9%e6o4>kVL1=)=WD-ym#y=!y{#J$ ztTv#~#z1`xP^Td#S89?K^+2T#*obS6)9X7lCywpoc9mK6 ze#%++#=9IG%8L#=Y60)ohtnpEEjHSWUdU#jc9^|;e3Xn`YF;8ys&L%e2(h+5x~n~y zz2nd!#+{>kMnf#4mOe*Vw99rZcH8zh`6SVe{H+@>fgmV)@23NkE6S+&p~qoixHd1` zYh`eI&UF}LoB5WR{}CTA@3Jvc?hcnvZ;@3~_v=IPg(NUo=G zMBA&**4-YM)JuBp^<2Pkxt@azdag`+NxYtowqC7ZpbhXx4s@UIs24dT{DlyJ;%e7E zwP)IVlZ#$6ah+}C=unCEoX*#urEXY@3xd*@-Uma6=`N!Ap$NZ4GU#YTPO;L#X=kqz z^mQj*s#Crr4~Pcn^$t8oS6Fw(OYEfu`u>kZ8Z`v3I#Eo$Atp`yc{N8I_>5|q0(iGj zRFDixnI%>hM^~`IW0%;)mMHekMKr2+v!G)H6VUYFEF|^7j346=-gh zwp%mea0b3JnqO}BR@rQ!iI(^{iF@|x3DWO8yHq@4lLN*v$paDMA9!(C@eZ_XoJKVuFG(cs4vU|K+o@{!|rUrQA2%Xu|M zImtq9VAQBH&sE{DO~fFkl(KpC=#};=p66Z&fCnrAkh%h>DDm~^I7uVj`~X@)tnYs2 zRca=ZVaJPJ1uyf(@s(nPq(yAjsg+A4^CL?b-n>^HvVI0p2;aK%6mr+}sjb#~n}!uY z=mjVAM&DR;ooMG5bBQYnP z^!M6*{viFc!wZo80m3b#{Vw{{xSe}Sfm`ZE1X0B8s879mTX8rxOX_BVxiaXdLR)# ze^s(nLlYHCR>ybR}VU zA<1sH6Q$#Ts!Cxd_Fai|px#|8CF;l%m&2ZBg#wd_P^3r2H*}e_PhWc+S%!?Si9YPo zmA6{c+&-Jx;L~NuRKi-Vw|YOhC7Gk#p=s2X%v2wkTVwadv4l`kS9t5+IiO89MPRSI z!0j5=rMINfsywHGUwAEs8KNnobBU$~KY*fx=C#Q5$m-X=GKMSdscs=UAeX_V{ou1L zFPP(2D?}pU9zJc*JN3Rgxr@KS@7+7&$vd+eS*&@Com(`YZD_)5Ce&`c$+=DAz9P_1 z(LEhZal==y5=Zi0HAfIl%+_QZc5%=?$CisGuze2?0nhC?56AO_ZgUh&YLx>2+gc#@ z@C)XSr*;(@BaGjJ-cLSm){_%%20y z@;&(HF1#IOmbfMShC1nUbxYi2TLf*FWbK6B**AudHp0_Xy{&&MFN%f+4GkeA`1eD- z3LLbNWZp}MU2NFv#GUxZ3jtwPL;r=i6f4*=4yT;q(lEhWy`@)<->o5$(qLGP_ZXhM z3=AOa6i5O$uB!w}wKqbMuQhN44o=oyX^WOs?*uhI4-^^4%k9n2poBpm0cgS}{U896y9wyiJ-wBAgGPNRJw(!H|G1a|MnptZo5blW?~Ow?ja0!$MoOiVU4R2V`!wC>1G5rj=~Is^Jz= z!4Z__erl?@l2~3zXmeQ0Fwy34Duc3!#vc9l929}0uaV`!Wg^BxVTG^h*|C$(YBs1s ztdZx*qMgym7Zey+}oe40mK!n4~f?OLu(KDdd{HfJyIpR ze`Mo`=Shk7Ro2&0O5d9Pv}n4ZivYFkO><|x_6liiEZQ;e9E)c!J$5z8jb>eAu*T|& zmb(6M;!Tp`CfuM&y^;S6!uN^+Qtuqw$IIgK10aV$I=>zn0bx?R@Sb!wFa~qjo7!zd z9L4Sznj8Wo2S~A=ba)T2{NOG;(8kb8ck^#+n$27X(({Oh%!(Ov_WFO+R(Z2&-te+z zw$Y;Wu)(1!l6b6p9oet7KF>DPQOU=5J&wiQ^W1rQ&hG2dd7uaP5Tl3TNx7E&e%r}& zAiZ&R=+!Lq$HQFO}8rV z28*l|pyepEK3RO6JV3u_slIPC_8j`StXBj7lY#zIZ2U)^b{sd58$(hbb8_vzu_t%D zw04R-JRuuV29;LR&LDQ@h1C~Z%SR3^v%i-p!CXXM?FlpMMT)dCVCWz~MzSYVOWFDP;6h~QQ@t}9 zB$INm{D5eTezdGhU;0)-&Qbb(pQF~63(Wn7Lva`yKYk)a;*;xFVFj6I*6~;+?0;Cmm2m<|)A*l-V)I0mqz73`4dDy9rs*}9n`tvX| zxUicI4<-^EPJYmIU{_Sy{J!wip#&P2YSA3_ z6%pibs1vE22~UcKNk z9if`GTcdztVKrb;OwfCJEZ%mB(TCoj@9g;A8J2$^bPU>x>zq6$+|kA3N?muCi7|xA z@CtoYU^(Mzq|jxWFsjM{pm7vTe}R+`YmYk!v&{KXeC*E8v20@V|)ygmY+ zZsIH3(!C4;hqVL~t6P}d3Z98GoIxxGg>Lt`<(UgMR6BjG5FJ(hi(sxjNtVmVB&)tY zD(bnP$sTN1ELXhmE#lqEjfp=P%&)L% zGb*L9jp4pct5aG|Ps$kCb+SmBNZFfWicHGO_0pdEh7A|m8HljhAT+fd?Od3*Wasn= zK0~ec_l>xpVu*9e&7x;&llyOHhz)<2jq)2p<#5vJu0}))Mh`*R6Qj#PN8Mm{q2qNv zzZ79K39`@TD&>RL`?M1i{ae*%?H$tOUVg}TuIb;w^YugKM7u#yS1)V}xl_w6Q7;CC zOS2Mvcv9Tjk+*Pg8-`KAa;hOA@aA=rSxN$p{L1m2em-PmaBz_Sd5D7B)+=9q_BW)_ zojukO+YH(9=FIQg%`Cto2YCcM#(zvF!j%bDk^c1?^cG|DTFKKADYsh6I8bbnSC~FS zJ1ls9XN@6#50Bd01?*kKDYjI@^n43y#nzWK4wVX0ucwgK7lROctEt0uoX|`m zUUgDmPt!yVcLnIj~{iG_R@#MqPbi)(nUewOXd6Jy{}`5E0+Si;J>Q*ZmR0xk0t##f(oEBFS}n=p!j@ z?PUWleUaHT(#L=gSlVezer|5JHF(@#8iy^f6)If;L6{n{hHSl-(a&Y0(07b>GXFt) zL`fOiUBZ&ayF0BXr0zt!;iotbNE3EvmGG56!pkjov16rB1QaPWvs%Wz>VWo}o2f-R zFBq}g;#T}A32ZvIWKvYpRrt3TKtv^3>F-w8pY3l_YLfEpM=!6oZ%2ufoAyfQl&Py* zeuTFgHlm)qle#OPVg)DuU>j;yjUjU85cd>V-86d(S^(VFiODxhGPF^))5w$wO{+>VVF8WGfX24YeOX3M357mOB9`M}4? z0Za93uUe)3rS|$+K%7c>kv}My4a;ClRIG{0_k_UF-uGT?6=74=4P!mDAre$Pq9UL8 zJ`cp!_xPe`R;$l1!Kyuaf{xbNM}nGB_U>Vaerz|U1~A|$PxyFSScZl3KU=Yf(3_%I z5Y(?i*+@ZzbK#1g!=a-#hGpaF+j?IvFGw|Ydnt@wQ{ad+S)&ksAJsPJTB@*;f%HaV z&>SLV&z=HN$`gkPBtbw>>A)uoUx%jGOx7l^CgXLoyuonwDnP^wE>5eqY35IUye8J0 zdu5J9m2Xs{iMzeXq48?S@x#C`t2_rT8VJaw>`Ll#f)8*M*YBg8luphTTO>|=f*_$u zRpa@MB7CmFTJ@Rs`S%WWDYK`$+FC?N0;W3wLGc%Zn^4xqnalndu0V96+D!|WnMd%* z2&tAcGU0{>4X4wksMzYt%&{y_C#=xGhAcJe-C4xFyEiDp38 zxJ+ciY1OMr08gkk=qW!aVag=yO6}fjoxQ7Es`MI6hAwN=A-Q=+J`d*Vm6p;GFf@_A zw|!^UDbeIMWwlB#(cSXsSL)8~e=)q z1;2INLSue02>bX}ft~BTVrgRdKZcUz*Y$ZX&_Zk}SrF3&^PyWM-9+y6|IkLBNCQ#X zoONh7gqNs;7v6~=YKgkPZ{33LTo;Z#{3t`<54$|ZUf@1wwn#r7FL}%VVE;W2p_29VlBVz1 z$IOm)x;1^kdWcCxBwFv?-PZ9oio3>Qyok;FffcD3h23}E1|uBeq$wsdwf4#M<;027 zbg%p-rM|SpvCj&5+QEmXG0tK(7u-a}`rDEHt)xSwk4e#}8=s^Rw3p^fRcDr9hw!w` zxPwxw0(OVk-=*Nc3&VO^IIN+cpS494sQbfKoblTAReHVBqouSOwBzzG)@-V;SDvvJ zVp8!WQYc-1&6KanTC7@16H-=Zbq(=t=R|*m&rpAb_ zN&NO^>Mw|`Q=XFyMfg^0f^+GMQwdDqc?xQJeDHbttqf6;$i%7@um<@}er5cqY9=H< zsSQG=uQYjw`K|O66n)y#hRnBI289eD7w)9xy=nmDQP#V8sGi-N-XzbCORF}njH&cv zLvK0+bE_XUonQbVJ8FuZ{d&oH(ihH-H{Mwph;yBW& z@r&WANVWJ-d9HQSOyfAwB3Ctyi)Q;M8Rl|l>VWkiPF1%~gVlSkL^K$ax6OcP>8<^7 zcN-Qi?pO*FMyi+KwmFSjJ^mQM_o@la9U6NWJyNzhn zn5~az>CDCX{pYa%_t9Sm2VFT9$ehv=CVDt^Ane~ zs-JK9pL4{R$n5axCTl9eA*+1YNqX3$?E}DaFIiluT3V({f+ztwo*hoJVbas+f@Uj{I#4WdPCa}phEE0SB zIgCO|z(v#Q_P9aCE1{1^eQ&-41;UQS@!UbBu^7|))TVDVt%wUvL+<)ur^qa0QXf5! z0(49CIK6{D2>uRubG4>d)sL4!IuU(HK(6oK?>`;;Bx$NaDhOW=F4U&m`rs3G%1Y62 zB2rrekN03PvVJD`lmBR?@e;CjKwuZQnAmdXH!Ql08zlD1Q@em4*AnPao)>XpH1*oi2fP@o9Y9AoPAFRl)=geWvT zjb$*bn(VtUy1WkniMs~)5LWXvCiPMQ(y~zP^mFDQk4P6M%HU_pGMc6 zN}{hxgr$Q4TxRP55m%{Zxxv0-C)S~|M7V*e*ldceIBwt8Pll~=1;g@(a%Dh^^3qKE zq&}Rz85vnX6hx3felRNWZ|8-3Mcu>yxkWnyp(D&*c87EETB7s}21zc2XQB0){YsmpD8 z>-9tY%`_oX#+Og0;t=F8mOGU&^0pPBSc{Kb=I8Wu?GKBwIj$+XkL$m%X}o84&D3>< zLE3m1aJ7~-J=(rb{cz3=c`&DuUXsePMS5paxaiKdN9|+3N6p+#Fx~G?m_Hd|Xfo#_ zI8VLfA3xs<#xSTb6?y<^*5pVm^5^`_3>R=24I*@QX4I%u%H11Fh}s=X68qinD@eXr z*|YM=;*l!8^Qh$lQz`w$k3~n*q1x07mv4DCZ(E$dL~|8%$AI!S%?q})?Cb>HbNIESIEq{WU+%LLN4csj@+otvaCZzs_}z18G`NASkj<9oUFfy4_5(WII`8jF z=DA*$GeTcGq2abKB8m6Y>Q-~?_1SxH(}@jKuXpCL>unU>o&Y%NuwlAXap~PXlZ)Pu zOCSia=vJ_(MBAiFM|hAaVcE0&y(e!XBKcUFaZa9r&t;8DLn=FQ;zO5#1PlgD;_?(TC%i*@< z5XQj~0Pn6lz+2O-oeq$ruIx#<*Urtv-n;yZ=X>g}FMS!+uRbSkhGlJhyU2cF0&peB zk9Q!yx96~soz|)Tpq_{n_Cj8d7EXK4v-)ylZB@PE%)l#S&2K;AHu@y*vqWZ-!)mNI zo*IbeN@_Lsm=Z`W?%-P3cAa#(ERQ}kp5GBqbphus-#uV3p@6eplTU z-5>7)l?h5dna>u;zL!8!JVPw20gw@7kQZDQ$}DaSeFymVvADdz3Es-WK<94jSdD!q zjqE#-+IQEVa43Zk107p)&|*ZJhdFtBM#9J+d+c`*zP1(r?)4?C9>k`bxB50;vt%q8 zw${|dDNe9BiDL+JxtD$U1j^PP$r4cGH5*ch#9{qoD~7=;PPU+tO18 z-A04BqG|6;E7ggRt-gah-T0NuM7THqJZ+M~1Y7APr+Ky!V2mz4GF`P1g*$n9d<>;n zSc+?q+nhCL*c?kzdcL?Q;T-rv-a}g)^&XPON?f7aW{TSWhKTM+q1%|d(HbJodOEK1 z+lcs%2C@RF+F2%pVswTW{c@mN!sbEfz2*VEbzInUeOxX{rxXx8&!opH;Wn)& z8Md$qpU6Mt3=6@c=FK_|1ScM3NPqnhsZzAxN$2$(!EXI1p;K4g*qI+I|o zJwM}@NxHkjOfV#zA9Fi5RU-CheDwNGs6wScY~K3(y8JU(|uGDTpCw7o;M5bRft!?{washhyC|Hs%{N7b<{ZNI^S1-ArUKnMg4 z1a}DT5?q4@C)mQ>-QC^Y9fE6c_n-@R=XUmc&VA3`XWaXJe=-KF)jjDsyQ-e2ex+|z zrUoica6h9M7f-P#Lipsm98}@BskR0FogPm&?J`mIr0*NCb%K8nJCTV9)|sQ#a%acl zyVa%NwKOkx&f70JslYCP5%d5X|8_EURIBRXL zIL%-}_*9(_6wlMhbzkrrE|{VZpuJqwmmYy+o8al#tm2nWiAodI$HBjET5r!21lY5FL5 z*|X>}@-+=j53R=JW{BrODNGCZ2)r5K=XLZ_`ZacdD~4)F2iC@#56l>GEX7bBg; zRy7%vA{5Ac^MgW8&;9P|z=a>EHvZbd{GKyvt=qe9-c)@EYQK~vsUwBTFo~GewsqfPM*8S z5OPsA+4j}72tK-;^tOj;jk=upY>Ar)a_rqsT}b_r^7%PVhx)O3 zQjdr0G`saq0SGZ8o0RZ#*3STwy-JK?lGp&+7eham^oL^$LrJNp*Nj`HtyJDlFqpY( zo&|KhEeoBwgNjFiqM`5^xw*ABvI+2G$33aGI~)hO@0V7!`Z>(%3&4Tobb}zjZ|`mv zMr3CiBjGjATF*FKu2T)4{J7B*LAGreR(-ikXZFWA>3?>s=jU`hTD+^|f?b4ifyJxi zC7m)xsuQX}lUgUq#Rvc0pgPnGJVx(RV&N)Y|=QA?IewZTVjWqBbr5r{+Y5$d%0T2DLy>(aB4_1+6Z2wJwe~izPJSALN=UG zIGgvG56BDK5JE9xh#(fl0-2q9_6eXJ#*FLIc}qEvBAH)S>^vy-OxhjbM>u1s(faG)ADLuqxWwg$~_Z#-%ooHPZw%H5{LyNcpGL1@B+M>2vq!_qcKW z6t7qtd&Y#p3{8Q4#NFbCucP%f}Eh;+R#J zliT<-6xH%cD<~q{G5jLtZCt))B~6NR6vZcaKkPDoFM&I%<4we7SL$W8Dk*UvVc6xB zPKnnN^*OCex81^X<&x|1Z;m5vsxi0To?!Yb5ch;pdf6b+uK*$i4o0=@+_7D-JlG;r zhpKY?lz!V{30&B;Tka}yu8Z>OM)r0M+t;5BNvScZWauo=lQQ;KB`v>sv>Bt>r zJ5K9UUCt65EZBIDOQehEd+q*|yMtPw3#Sq8gc$q_xkhHC3dBHK#Usa|z z1W#ol(FatM8EX5%I>KJV=QXw2?+^yYcM18w=C&E8w)-=a6C z){rmzDU~Vs0a`%;_CbF3vf7hg3%k{D39M6C!N5-fek|KIe zTC<&`%7@Qbu4xbL+-A0^*1d2vI6cptom~?|;?OmvTO67g%B4NW%ud?tPI~TI(q1!4 zO4=3lr?%e6qE4DA^3FC3 zR#oW8yhZu_8IJ7Zs%|;<78t5S_O@)2o+<5W1E^>yyi!(vn_yGoz%E#Z(;n$N)))28 z1d0%XX*tD@uYYv$zLOfS!U=?+8&!;m55D5x`MF3*bJ7zWA)D!_U81$Zb#2;}jc7T^ zpRN<$QhLy6M$(bfCBQMG9&jzt$c|ZkeDDwxV2rfvse>IOu?k>SrXuu-bSmviU2?Q_ zATMx}&wPl=DI(@CIh7Oz=)BLeQD}TgS=yZy@wEAT%Ct8fq&fNMyszKdQ2&Qo(McD| zk3cbXyPQyn1n)K8Ct)jVlMdcOX^Tul&HKHcOqLYJzsUFX#iF|aU*j6P(7Y!9)@+%_ zj$*d{Vd-7Ew6?aiS~c8c)03IWTsP@huvjvXx*9M+%iWGAv3#jR3Q2E&${6`gY&o*S z$+sGGe|eDgn$2YBYrVq#>Nfv3I9O;>Uf%RY?&UE` z7$$YV@Nqj%Zk>b9o8Ex*yi4Nu!d57akdu8l3iD(oZ;JH4!pmPtGvRbvnJDLL5qYOo zj6IYETfc@6^r13Y1F?sK*8{La=+Fx`I|^4ZoBGSqJRC@|3I=FM{pnoMS-g4Gz~4JY zyrM0PuQFpp&{G4&kC%arPEX=WW`T)Ms@WGfmlB&c|blQtj_>a+w(Fz@kub=?(y z-Lm|89zGU}?&cqjg+&FTVuSlVGWs4}@9l!YgLfCP{`p?D4K^&S*T|R58?2|I?-SXv zJ!c+Pa0~7F@Ibe)C$(~6CT&VQeX=Ygp)HKSnC;F;)~4yc=T;|7ZfCHLM+;776UFfl zwtiy#(`kPDiuN9cW{S?J6yP(V1UjLhNL>kEon2SUJozh6To5Asmy>9K3Odt#5mrck zln@GgU3fYDJu1_K(j^XOBB7MH-b#%8Z5}WAD;3L>e7k%kG}HobrDPf#O40Oehxy$1 z6qEZr9=|5yYWB{HtXsI7fcJ@)nGe5|IqiyR@QJ`UYF5^l*NP!6C!6b=P}toBKh7q+ z69+`YMJBU*CHLmm+~)>u9??Laj#3Sat}kfZtW9vh1Jx+==V>B8MIm6x7vx z)#&f#WAn`5zCw6Z6t;w2?GYvE=K2KUts4ZP!cVJkZY9g!$+D{$E4czaoL#6VgBT zHO_o42D?E{_K&+Uz=eiOs^7aB%>@$O$M^sEWuT(hS?1-* z{?N{nUbCF{*AoAGCv~C(^S=VtCFyf=F#Kyd<-~i(NFj%9RvJ#4G-(0pf1fJk;-!khCyHR22FUGnuGv36=FdG_a>M$b zHl3vhg^K-c>DF-tKx`E9Ymu->W1A}(+r}}`-(@rrdZWSHRv2%$S>gVB$^G(I_B1dsgNCHHm6L2Px@bA_5n}*KD3e?`0 z=f_1wDF3#grzFCe60?q`SgBz)j#!NWjPryEVl;8G&85jde6iN4R{qo19t4|#6A32hYdUkTZ5AE3MCsndXmZNtEJxDwY|4I{so0 zH-|>CRHOg3jX(&?x(L_|%Apc*wBie`%fF-E{Txr{;j%yc1#G~wn0KS%1i&X-W0A_$ zOMNt*$>vyDs=kwEHhpJmM1~%j6eh0mpI`h}5qX{1i%AW$@Jo4V?385h_^PkaJu4$y zulTL>O{c^$omVH9RhziI>6`?(LR?%Nn}kF*fIR%yiN~Wj;2YO(W{S4fC#!Vq;-;1Z z@uhLt`ZwF1*z2R7zb2en(qGMNwl`H26ojrbTMOcSGC+!>(oU869M0p+^J7$`)o#M| zPif(Rft59$7&5;AY41?24ipshR=Sf+$Szb&u+*Mwi$eCE-(PJb_%qlL8yj0_-l77| zY$nL#C6Dh}Q(ThoC7NERy|jkuirwI}#!fb*MJa`d(>@CskHN_FL8Yb2MZG=~%4oXXwheCJU_}4YxVkU)D(h!{2~yo<^n6AZBl&>Glxs+Ff2Dm3qe+ zNd|;N`O_R>KX+3*3pzS-hQ=1hu-4zhh~-xZ20;9YhyCU5j%1tpDgxrA1)LsJ`ZmAv zus;Q=K-04N^{054|$Oy9AX z{(N7Dg+v2QFl@0>nIIf8t{l=?w;!@1V9hLlNVN2a;(xbVDd2WR3>ZssD9)^UAK^l# zSxUwIQJs#HS47G+n@VpmPS#gOPtJ=^cEBt-txgxJ_O{zdXT_^w+6b`Y*?t#=X1g-j zgoNgz*Sd#ti9Z($G!n+X=8Ao5S?a2B`S#md`1gY0?T@IGj1b&@cf0#A0BWNs>PLh< zr}b7ciU7t7vp1xOBXk#2xqc*!v5>$T+skX=ES5qdV zznv#uDX38B+&2ax`S%Z1g9O=SRSN%YLx*BHnN$wsR$% z2^dfuVD?r@DBJ!dvnDp*B3|u0Ton1rNJ-JUvHyssel=VlengUkgfletRCbbQ)&2yG z?S9ix;fhiY#GVs0W^ZC27!YWQDv3>;w(2He_3)t~C0Z>vzlM}b_NR*!zc$;M0FVpf znNs;Qy?K0UZ#qnAs1I}}mNJ#Gi>-zwN!u59%TCCJ27{Qz5pEA?x0)}`%2Zz~L2-17 zi}-@y7ph|!tX5OTBnF$kN?bSD;VX>5S%y>T$OvJAQu7&rm}~0bq*(8EaA_hTB_+jn z4cx6lyQ`DZeLYdj?Kj{c$iq*wyuOVTVUhFVPsSuZU?Tn@i%LRY=rkW>VxL9Ls)oc@O z{e*$==1ndzw4&InlZd3Wc0KzIF1ob~#U`QG@k%pQ$=l!Vtj6I)3$Nx>J{QO;;$%3P zzCs~lopd5sA;lSgGmbjsq&n9noI)euuKK-jX!c4ou1$W5(c^)4B4x4ODN>}3dy(wB zt|3BKs(Y&$T5x!Hz2(Nq6~P|R%Azn=32PI(gwJXxb^hQC3@V*|2zqv(>qy6Oxjrm! z?q7bD1Z9Sq>lQ0vsXbn`66of^{*5pO;cjnBT=6@g+NoFsR^kui=+*SJ5aNkeigcZn zqVw*PMufGE^jJ89!$9-`x4M=jT<&CU!r~aPOaMp1l?hSIMC2cbxwRiZ2zc|Rkp~CE z8vKb!NGbe``e1+E#hPm>3ZXZ;Bf#Q(6m622&5R`b2AEPMe-w~YomIQh2Kvq;W4n;? z6h+gCB5Wg;$vR2Q<>oeiZ?>}|&U-+hkeCGkvnaU))NjDL zySXD0vw{QiEkL;2i%Zb{>MPJ9N|H6+am%FTWQ}7Ya z`Jq&-8ifz^`BF&6=9Vs0Pj(P)8S-fuK3?58a|y!R3w+`S4oJZ@H!G47q(*YyH<~^( zh1x6RXW94?Po@{^Fw>>`X_s5Fd?mL`M(J$30NY-f9w#gHWVQ}jI_W-W*c6ytS*Mxi zN5UzDL(>S}4oGCby5)$aQ3+pbQ-~cIQs53@F`NA;`K~|w@=?^4Fp@U1`q2I0ddX5z z*%Ka(`0IW+E^GJ^drRNN(Od%>Pmg0)+k03cJXrdJQyG4Tqg4yh>q4QeVMd2>n47hN zWrA$6clEH|!(4QZ6{nh{4QsPQ)b`>c_(x#Ie95xW5_XttR)+Y+Yfr8_rs*ekDR zUzcitG9qU^S74zvRAI~1TEfRN_^gyA!PGv7%IOP|Q09IA^6KEWcd2cN^XUSXLwz6R}4<+rCQ|{Aei>3Os`jh$nTB}R>9A}pH zgygTmbi#}~fq@A1BkEh1@9tZU@6OZpGgqHi4YtFC99IJ&eoi)Zfg~38I3yYT@a*og zqX$YwVjF^{7Qm_Y(sGQzx*D_GB=~iNp|tFW6n>Y)*=C+(Y`4b^XG~^hs%AjYhiBc< zFKNh+EpQMHV{b4Y1J)2##0^Z(=hFRU#B>k$58qCSVPOrnno=_l(mSjfSMEa`D*JGL zk5W)&@VI~?DC9>yV!=i;Tjf?(7gB_tUhNDjjZUU`W_amvu)no5HSargPFv5-5vPo3KSd9SomD#xiOPFeKY6{-j(qdJ5YA zI4({xyzbQ)6l>P`hmQSd*dEC*HO!$cq=qDev?spsqKW{?m^KJKu?3`L@xr?OQL$ft z|8}pYcH;?ta_Eek;bvWoTK;9CwsyMacMtnw)t*zc-S-?izu{FzJq{of){mppJRbcP~4V>ToT_*W}R}6zDSt-;pt6In`9)b9XxtHXed??*J~Zi z@_ru3Gb^7H>B#n8{qkc4+^ML{HB+LLm!M5pbl-UM%<6l#(r?*5QpKQMJxz^fIEqZ} z-xS&bji-p#0MU)>M_g8DyO>QGViGm(B*HOx2q!vBwy0I`E`p`hLF1bi$@4Ds8m6Io z24X(Mc}FtW%v7R_K1gw^{uInTkHBZ6(R{#a(op@_)X~4lBM5VURrmAo`9YmVs^j*+ z?B4EPs>IC=8j@0;M$&-rDlL3V5$1l%>4S&!^|9H<14cZ)^jjzafg`C(WJ0&m#Ji*+ zf38nGeqN@ISTle4SNhjtg#~aE(OkYL%9dunjPp1L^Raa2@zz9JEd42Gjc(pFKtzd~n>I>K2x?tL8ko ziwF^QT$M>XuUdIPJHh1|9*-tDPS@e_!BO+`^m}jkF*!E2lY&o6bZKg7ZfZ} zv-43dGxH1b7y~0)$K8SLkV((+tA!FoooV$mh!ry+eiuVEhJHz#sA$Vt$B{{%RF6X%@yLs)hL^`(yV54 zcnSIHi6}8-kD5!%d5SAVRh9N-Tcy3B^kAi{75-x$Vyhhv2h_>b?aivv@AMkiQps?$ zOLDY^JV2DM`zbd^^mqt5m;!sQoOtm;(ko6l?r*kljQU2@e5<kP?&Y6-$%4Z&NO4&4JUo^~0r%m)2x8q#brccFRvr?zXDt+&4>v%o_l!q4g zwng8Z&kL>gTvlT2hK636g^DGwag3r@7Lgk@;1}Mc*wILVV`g@tsl~ zsx?ID0>6DNGc`n#qHwWq=Jjs9H+%X}U{*s9oTKdQfq*P&p{AT{ZHelmRc#^5f_{LrA`sh_F0s(QK+}MM-Kj z9IdYjK7@VQN0Jcq$B5jkc;_#N|943M9d?;qj_;FK`6*v`;P95X%o%E*(+^T?n(}3C z0g5{nWT+3!rZ@M~WG?)ZsjGF~de19nbNULdZ_<`J;={`{z9(pdJ2gWN#l*F&p<%7 zG8U3(_`Jqpr}y^L4}H37crGx|jRlX69huBxT4~mH=^HroyTaz%w|JJHCm!Wr2WeEw z6hw8=kl|IJC1cT6NsOa-8Yx3(zV4K%w=EVQk3WSOP~68nJ*XvaG;R2_d+Nj2%Q#zH z4l9$ed$FjY)oV@+fe*X;EFUEMj;~79s?}{#?E60ZCm%x1R?2a?-PhK+5LqP6vl(X# z4oC1k=gJ<1^D$^xYWaZ9MI@@SRgsS?3bBOK#=!Qz=clqCjzRMnsJ)G!p|W7f;H!c5 zX-8B;u(DKMUheynL^gayZe!IN6E+ja`Zf+!Y+6dq!D!)&nTK%W0AnvO-Y$A;4)X4( z{QJ0)dyw<#v&X{~UT~xKN!eBZaSZ+tW9%6e>(QaUn5VJRrBtfD;V^ zw95IR+0Tp6;y3Wfp*&LDP?S2bz8_)D25;70I;#rX8)ivW!<#T8QA6;?YRFwqX|4J0 zonC4dci53Gv~dKUxDxuvi!o zWJm)T@o=&0njgp%m*`co*&AF~hbB#E7^1plHJ~=5x4@LQT)&JEU;BCiYrIk9qNUV> zVGQ4v1cj7du7-<1%>XT(WauZR@Gzj~U4As&1!HfsEcn=f=JfCGzN`x#(T|CakSaX*vzXM_yXb4VY!BqKtWV#~-T|O#pnCV=pWfV_kFo)X?t(IQ4%6JuRY;SUfkv; zPFcV%jq zlBd(FDnJQyha%`1%-Pd1AT0o%u_mg2-q(7eg8a>^(5|hk*1N19m7k zYdoSdHnlSwm@RFWszqiZfL{t&27H+IMjKY;ZvtGY`YAsJdCiMAvQd5CWvHZtl}A-I z6R>td&|~sS^uFA5B#Zhvkec>Q?FcCV>X}f9Lr0oxPhP3S%ik8KS?KI znl?onw>a-7p%#Q`^lbE&WE!Z<@|nSqpr_IikoxYGk`*wIvvjuAZy(*Q)FS5X(hUz3od-tz={lsIvT&JB16}o<`GFu0`BX zy6${)(1mMQk*mZ!=E*}FuHqyFlz!4oil%N=fQT( zg6+}ltD4OOotKDa`~A|@hy>9#eh@RIY?A4fMSL%ZSh9>(^T)}JU6OXC1wMuszYp%* z3sr?HECcWe%g-A`cH5gn<7KSWAF`DSQFv#3=dw3_Tu;q*C zB)kg7MI1MGn|=qY6Xi|*>VC_qpnAoouO-kUR*eDPy6)YZMK*cC!Fw~gO$*qx_>AzR zm5umk-Bid}%e!u68bx>c5YP9%EEuqmd5x1$rFaWYk`o;-Xt>L~d#zLBm7km&5SQce z6O`A@Kn!mLf$sQ`E=eJPVHDY{N_I2yltC=KFEs~z_nUyO7V!8oRxm;`#p$) z_YJWbX*>ie)<>&Hp#Dq~@c!*Qqt8(!P5ad$?!4X^N41odw6CA`^4wFaxwdNQXqk|e zUv+(j`4ySg1*GcX@nBoG^7ga^!MktSF%xoU3yaD!Z%FKJJh8^7QD23uw)6p|HX%UV z9{n>&*P5hqZ!$Ny5A>-f)$4Kg81>bBY{=5d|Vmf zlzH&T>kD%Uor0O<^$$r6dWG&>GL)RGFY1j45kd|HHuK0eKI&~7QA7|m|Bfk&q20!hoi#c{=y54h&kH_49g;r!AbEpkcr`H~W{=n{s6pB}nz#zp8n3Ut zr#0A2Ol!!`naH)whe+RN1&XSgeCd}t*V0$AIgswB<0(5e zG+1AWhLLWfal}A9J=l!Ers$n$tUg&q^H4>wN^Op0Jh*(j{WQZ8YyM%uM=11UX0E@` z)s@F2Qg(4>aZs^f661p$w0qa@=|y`FHG5=6j=bI^e^7MBfm7 zjkhGON!T;1`Ps=(1KFSx++fo2#nM`?PxBk6m^yW0gey-ckQ}w%j-wvmf;j7A$87CW z0ZWsxyJn-~MEQWXUkII9EKu!S+D^htoRdXyoej74@{>Dhe=55Ju2} zmR@^0ksQv3j~AX=DAQgNT`IBv`2*$CL(0#d*l-*ldzj;`cA&VOFOyujX_{pC*%_7W z?oUU9BKO1M4#cY6Q1m+UnN7;nWEi)R{PTABl2r{o9$h^+4?g?s*Tzq3KG}3`+$Kw< zQ)|6GK&D+2fz25LuI{V!`U1ra^nf{%twcq`+ne>QpNF5i9^fTOE!_N?$^H4PSfFeW zAgLc6Uq)_b*6hdUZk99F2yB-Q2;JPcEd(qt_Slv3Hhw@xW>>z0JWO!Zg4`Un&H< zr+xxAIA8&D=DmyD^V=7qOgcBo8j2k480+Z{NL0Vfd=yVJ3A!}mat3Y>#H&-U_kC)l z|J7UH5#jK6vG1S>`BVApKSvoy^N6+dq{u$6HX;@r@KQ4-ZOWYLz-j*MT12eYpCeu! zh!P1c5_+B-N6uZ9q4#OZfva-5K3uAx|D*LH(5D#_Gg1Qm|CXZHAd;%CPiUZ~q*|<| zW*}p?wLgoS{in8r>{as->QYXc@F#)hMg>X5OhKho{D2LKVA z3%lgl3-c&eZtjoaA3{k=Xz72w{X>W_0~#R0)~34a$%*GOq%yK%j>0|4YnyPskU5Bc zsZ1eknISE61ap=C;1-|CuTR^eVmpeFO~Va1m#4uN$YgJhvQ;095Q@a^c)o6#O8yrt zBIs3jUktN}IXUdc^_~Zz&wzX;!jv*YGA!e8tsw-e%wNo`r8$+)JoDR6LhMP95WVb>MlIVn4(G@3K+XV~yl>-ZRS2*p zo<9fGm1oVIw)5~7=#pIgh=xp;`AZwI%1T9(Hd}wL5P zaL?9kpfe2N2ft4#PQ7OV*e1g0`}Q!whUl1qX*IE0BPKT8rCSh=*y58=qFpnVmh(zg zSkiT=%VU?;kjgi|qS@kJd6Uhnt-!!f4t#4Ixe!*bGcO9(*Q`{YfcDmINuI(r;6&@s z_lLBaWJs~qXr`M*zrrQl>3gMu^Qd*>>Nfs#*Y<P-t(>I@CK9+dDC6$IKC_d9vVO zE?f@hRpQg>ciK^8T^HYK#!O>4t`Un#pZ`(vmwp!Ys8T=37c*O?$kx>lyGE^cy;XH3 zfXahoR~dgGz!zJF#!B++Xi2^)*G!+1H?}5R@0g#MwI}_}q#<%Xb&53#4G9s*bz?Jc zI$%Xa;4G*S?wBw+_Ev@qLprpYi-Zk_%O7@aCK;*+>u zpEDvFU+($o3;>h>F!D?ge9FbEW#Rhk(?0ufAoPTw@>G1XRJnl%^P#tC;O_!{Yz3$- z`40OMm%{Cp(KwvpP_+y-Wd^DOxLlNFO4Es~}ZG&6XW zYKsR48W9xDAg@!-EAnaWT+4h49VRk8TuaGspizr3}niE{Oi#uYy)IEx$#n{>a_Ck^jHgCdEtxJ-`ckH39q}4$A29z! zjzES^7Y;30By^Tt>^d`qqm)XZiqln>whFth+P`KNiUq9ze-cgOMZoijYGMZJw<*+U z*QCNRR^~o&Cwhh^Z(VDt0p5a9M2=NOC5f%fpJa~>x&ZtvfwL5<@Uw8mnA7j&oH1?b ziVJRsUQ8HLSGV~fBz&A3`{fB_5E102Vbsvk*z zSVYrtlJx8K2CFBm9#*n}E4uA5Xl?Fqj&hc%KDi><`mmMiG4wQpOD$ zixr_Jzk;CCFxDmd#>xzbZgrj365WI!0hN4p@m1>ex*1gL&DHflRi@-quSt2D{Vb4c z#@16KCRNP8U=m!-H#RdOs;Y%?+oMlONMHWKNJyh*VX3}oEYvdiCCTiF6aI&aZWI(8 z@3NRlH`;{;R`HAejruCW&QKwqs5N)a5E6;i0ed{hMvp}ly{&Itox0!`3&;$K`Tpx{ zydSy5>xl}9@Qn$tfo6{j$Fu0X{Xnr5|1As%_HxdK&s`|{=R`%vSuHLwnX1R(5-F+(d~H+>m1cuF$~jjTush)wAl6ZS-zT!^h0U| z$ra8zL=u(Fw(P>TKIO=?AJ{e(Gc<3 zeP%aiItq*!L=v!`o=JR&{>?Pm9En$LlKWFX8Tmgel$IQ@4!OT`iOx0`*W+DI*-lX? z`-P{naAK$q)4hDzd6Y;9zI;52RufMW5hIHqFYoQ%y61mv6@2 z&n-JAci@(Gz=>q&0ifUR??Wi4pG8Vs)T#WEw#IC2U5DM(Hj0qd|6nHG{R1;mk@Z+I zY}pr2n<~rDc23>phTXG*s!}7b_-;2Wd$Kgd_K3cpaiujp0-WQ@$cp;VyoEap=kb>Q zbcA=*RxxWaATF|9tO5Z1Ek9sQDh-;B^x7pEc}LtB^TMdgnSWy%Ph&q;hu?>}5wAqp zAJu2jX-_RiMfMfP;>&eH#*KQH0-JPFtx^6j&;+{VYgicCz;$In`U@*M@hrejLg>xK zRcUFmZ*PLED1xlCC_hKo?u^xJGG7_ltOKpKIe(!0^n`0#Do@^Dg{A1rz6ZE4s}2j8 zpkTt!^Rayg2{awa*d1aR8+z8^UhqIQaoH~x9Kg(ZuQc0zP?hj%#Xn!Jxg1fHrDhBI z%$G8{Wi8vje_cgP8jmiP0eChP2elF}1zZ_CdXiE&b(X}%P7k{$s-z>!GHSLl5v){~ z-nib2_vw2Qkp^fzl50CoR22`KsoH-n*Bmr#*MChLdK&)y&E+EMc0HS3`)=~cX+H7L zZOw63dcz6Fkf7^bTh$CmIQnYi=8dW;t#t)Rx1iEY&`Qi|C7#zm4>Rk2aYerOeq)|C zVV)W;I|F&F=JsvMWDBLqTEFE7O>RWmXsJKtxu@q{({0Q$P1Qm&j!%>T!XiJqRbb-; zC50+j-`xaizvj9Eg*qRj@?%tU6l{-bRJY%E$aUI~pjg7qjiVo3Xlqi+ErC!-P=m~r z=p*X-3Ec8jQq68^-w7jxB%EF1LsIS%V?;TvbWB(nzmXG1NBy4=-r_8N^&ghDKPI!r z4Gi{rBVrugISVJr899Bp1sJn*-$YwG=UoOn$6fl01)`@v_4iK{+HPLb>y;G-qkdNqsLE(Kfz7D}-bC;=_^dtw4$D z_wVm2N>SFYUrRVpY4mrzcqy%=#PosZmmj;J4d)T&kT!~9D5=kn%Z!b&76JO}2+rB(eU;r&o+Mu*^tMh1J43sm!la5j%n2nxS} zw1btWTL|z<_n8-bRJq0iqkyD#yBsl2g?VOiOikd(8Qm#hJ}u?5mxh4rX*(alz*5Nn zNiqLq{^Vm^mvCZ#39+g+E2-VxDkVx|-S`=VyP@B_FnP!J6XUFg-_%saR5gd6cKzwm z<)_HK=ZSoa<@t^~V6_<}qxvA7B$A>SWZU12#)x>2(ErLOxzZwU+(^e&F_BrGm3Fq1Ci;+^h7LCCrP+=XEQjBefklSHD!)n>YSNmC zSRQ`Zr++p^9ZG1P?M9j3m}WN&-?lXv7m&tZ$&Vhcj2j0Algv0tNhK?x(JFIeAQWO_ zxg?!`GRdXW{QAYRJ=B%_~Gq zq@GzVX#zzMFtQ_rF1eD|r zG9iD+6y#KLWq$U@5b=1=!**r)?Qdr}aZ7T~0`JU%Q3bkjOTjy0AKyO30 zO%5&G^y&3t;Sa!~8U_46$?n?EAwyjkrpvde0Sea%e75F={Vms(V%h5dz3qzLT-AN zSS#$Cx(NH<7@(DorN6r*tZP0IFn#L$GF|?2Ysfx}!2qq#-Qz$VB^vtpB()4tET!vg z;gaiDy)*%&eso@Y z_8U7wG3ZVpr=Cp4TN!d_92_$CaD zh5@EwwwsHXiGSM00gqYaJ_2@$p<;g8zsMBDPyb(J3JVp7e~~HB%X4ZwXCjNJ)cS($ z%D%g0gJoOhUpI&I^(&Rksm`E_5oc?)Y_y8rl*dEAnNzQ9AyI}wSA|b3&$>QZDhQFs z^1-ggyn~gP3q{gH5Ew)fNX1mmb;K+i2$R0E?TAzW zs|{!oMx3QaCqYMVcdU=Zp_wcd-+0ZGvaut9V|{MFuG=U9XR_DG(JB5Tr1R2##dbDc z#`Y>5;%Y2v+`)#&p!Ib&X&jA29B72npFDIiR&ta0=@w6~r7#1Pq~FYKH!CM(%1t{> zqg@(Ejfsb6rFP|86~cURGp|M<=0hWmu=r7j{%cyxgEvcVt};DpeiLG zxS)Vce=lUI{l{MJl#v$tPiOw04v7-)KimqJ?EgP*MRWVj{|&d|_PhN%&04bUibZa^ zVPwM)`p~!3ffrE!qE>A8bi7P56a@?Xc5AYWvKh{e!>=6k(z{=2=>HWfZr&S9Ew>8# z3tFL09~$X*ep7E+r1@q8UqYYChjd=LCD5nk%lYoG=*8~HX5uT>Je1fdI*n!NntTtv zkM3&(d;)PZI&!d(v_rb&HDR;{>7`LrNc_#JTS)6lQu&gdgAfT23+7a3swQ)}Q_Yjg%{y1W>a6L8R|qeo zv?Ijr>F`>jLeP{513G;CXlQLR57Rz9^Uyei^WCuR9D(T|$^Bdonc!9DDFxcCg*ZA5 z|9jpE(UpeqUhgwkPK#=1dIZ)AaHIb5@@yqk+ueN$RW^2v+1x^Df*cs|3=p;yq}Y2< z!IXULxj;ll>80pbXU_`1ogA`nMDJnO6rUht^`qHTYP6yJKI?}wc9=9(B-%hDt#)SN^gw-Ng`WBor~`({sm`64w_ooU!)4E&iiYF7kASU zN8_scH~6>A6%_hq=g*}sg@=D>WuuY|9YgWTK8VMdpCys-s0)`pvUo1E>}Gh~u`boI z)IV5Qcn^O@aMwBBOf-N?D*Wl%=Y~6wA*J9sEA>6j8ZgW1qbvS$OZmyZ^! zMw9?elEqZC?zJqcK+F=?(f~Lh?LPZD==v$ftmF!uYG-ull2D2n-rmARAI<+*T0|q{ zmw|^hP%P68&69}Fytg+ife6*t0)_{I)q$?lpR>2YwvVJemyCvx`m|Y!<;yG*A{z8@ z^zm1TEX{3MS2rO_0y36Ve^3?eS^gh<{_55FXYWiSF@n$|M@%svZ~9Bt`2Wx+w%8RG zLvsVy^5uUYa465_1&-R;tw2++6w(+DCWj5x;pg&Jt_o=6gZO#_VeHJGFsYYHGpJSC z$Z59b58!Q_=a3d}w!haDFI_NNb$pS;qmx6*Xh~+t18_U?LOmEt#@zuV@+``@Uaqh9 zVT4I|K0RIJ`(2#3R*?g;SfQ$7}j#Y329@+1I*b_PD4sbMGY?k-^ z<`NhpYc)$X^@KIhTllw^iqvx42ydudKyP8NdpO5}v|xBOJ8_7`C>ry-d3gAKb6hc| z{1S?nA$VFOxZLplL1;`WrY8Gu@ z2h-(w*7oLT^iRwS>yRf>)}KA%G5bvdFf)YS+gQ9~J$5wk3drxJSAaskJQX6*?f@HL zZ59<J_(?t8U!Z;3A?B z?P?TY5iC6w-n!TRfeO~ualhhAHBzn2U-#k2-1RCEp_F~{4KJX!vroe5c#^RoZqy00 z8n7KN<_K&pTdMy-SisDrmC&Kx4;O;_aT0}HFKo&nl^8AXLR(7R{b{s;8AzU~-}yGA zCj>_L-7-eOe zw>%)1+D>VWk)o#qEHHg^d5@NY8pv8ugIBs~XugFcSd}-be&q1W8J;;VK9zYiParao zMW5UK@FaVA43)8X5C@kakVguZ4pvS^C$W3;->plm;~x!ISRiRqz5kY#4L5|?vvOxX zra2t*g7XC{TcD{{IRRoQAW$^&a- zUbSe1?B7?&cl^bT2svF7{ZR?B?gg9%&UKVkgWLXMM%dlH=E#RLNMM6T#tEa?31KjZ zD2LB$$tl&WTTE8m*a(*TuXnXS&y1Cg)$d&hc!! z^S??*l$G4bH0+wb;Up0STQm;&(1@$5nshk_fl*0H{dPDPj-vwN{0N3v4J6s_mg19e0@m)-wE+gnD(v2|O+2@*6wAh-wj0Kr`nf|KBG z2?QE=D`4({&m@D}IX``jb<{oY^S81Sk_uEc65O*ETLXs!OXPgW@Fu|SZEu6aORulNrr|s^>ss~b z1dM4(kF=Ms;1f;p-vh4Sjyink9++ijANa^ngl&xGb~MIRACQreu^AByN{A7%D3q^z zRG^L1_cTsK=cQ;QQF7wN%j=Ql#8(zO#Jl|AQBpX~pB@PmmdnHcpqy$||5Br?-G^L?~6rqi$q9oKhv3#orCzZ>y| zmF8~sLRM`*EeT`{jGO)ep`))H`A#>DO=Xd#;4wwY{sE-=p2j9^cNX5PBz;j8KmPJ- zKEaE2a14>DqpDeWfnDKs&e8Yc{LE!i(d+}tQPdaZWFSqZ96O@bpZW$%=4(Qj9GSSUeLcEP3jsf_>cGJsYTyTBx-jPwI zDj);+VT6$W_}mGGWV4p%ApBwh?e#4{ERpp5@<%<0IDJ%dez%w3I-%uvx3yvm*l>py z1ojCW!tQsu1=qgUwK_Z?W(=rfL4q_{`smHf44R1mK8KBCp`QS1KAxt{{zB4L)f3*; z%b$dXWg&#fu0n=BwQ5l$R5Nu>`>RE|^$lEPX^j@6^e2eAakXHS9cKOS7+R53?89^# zRWF`IW(%OPFjzbD?%iTPe;1IxBmlG+V9rpi$CSPr$7$I2N5@y2pf7RaZ&`uy5wH@; zzkU0%zAUe;b^e&?2-u9ms2)6cj!>ekfHJRcERXeBd!=<=){hG>o*prL^)^jN@vG<4 zS`lAA{d66!u;P9W&LufqW&spwp~fHUTJ|cPW++|zTi&CBvf1~+&6fS_PT=HxCIS;NMZSSe&^mhFrTE!NG*Hx}hJ2LgQ7pI` zjVpFOsQ0~qmV9o@!kH-#0wEQh-XmDtry}JGSX@)mVW2H8UlHralTmvXVeE|L{v%<$ zKme)m$+??`D)UtBFsV$MDIUUWz#DQ_Q&`F}pOYFIlFB|{WIA5MM~eKV$jVoBfN5WZ zfI!E;)|R5pt=3mUzX{0l^5di0Q?mgnrV4!D=iu3GLnzy(jRYrJsxEQhFYl8F8e*P$ zC9=o<*pFoV@?Y9wV)qAy??rtJeEnw$$5bwo!VD?Oo`m+77yiM^{5|V=?#E&f4amNkCC@l= zUR~lMap66#$$)+sgz0x4K8`X)*VC&6pBN|I90oEI+mwnXi)hxS={1}w<;N^Qs1CL8}U*s)BrDPM@QFtph%&HxlXAK-OpgE$R1R^2DjiVk;_+&FHML537CGAko(a} z={CT$D_KhHDVoM z8EpPlz&u)5b_@+nob4;s?EhJ@6`X4&{?H+%<-+#^*6sW~p*A;3< z8kYWsiQci=g~bI*Yoq5f^!zYOjFa?{7S{MKkH2Ljf% zY#gC~f9L=F#{ZoB|Mz1boA>%33I21`fd?;qz{}CEkGr@=d8?!pzOufax-)w035+tW zoeti?@iCrQv!%mM!q4IFGRoVa)y}9#Xp!RDs453c7<5(C|9*Ff1J1?GXvDZlW-2St z=Y_)i=a$5a3<@)24JClcdD3TJf^q1?lD ze?8QbTSk>dn7#?RFxo%6&~P;{fLY1Uu>(Ek;%^R`Ddj5!#*xSK)P=@XaokAzFIH&S z#QR~~n)G6)CrqiT>IvfIX2VBQEcX*LO}Bd}?)UARN0-@@OoMDbiQKkL!aS>qsxHK- z-Y4l}#fHjU+}s~G!f2Eyg_XMT;KiEC16vc?hEo}IeYBwcrqM&Li0h=OY7ot{Fp^8* z0gY4lMmmf9!CO5ct<*xh!}N#2d4z`QcyU1e@2SAQisWnQFZ)YuFFHw42b?0`Sm#Vf zMU~c(?{T^%_bZ2u9CxbkTlIY^E>9N7zI|ET{8MLGyUoxGWP-Qg^PP0$Q10jc%JH`| z+^V#UjBi`4uewuzrb`8W7+#{g5+EBYE#$75E1Db-X)CJ+Dq3I$m(&(gp-x_)+|$% zSU5&!1|Y?^3}-o~Amt4v&df-aO@=WHLUwj=y|n(ERCYJOJR=j63jg~Ydzf!_DM%!h zBE`RGjEryFH!0&kMGR?BHl2qPK$2eb#ZDA1f4seVN;mZ_7g5@r}!)eA|KvWMt%{$#uit17oQlZ^B5pv`TMoLO2Sq@EQ>% zGE4)Jyht3ygj~0BL~0Uh?k+ZEcr6N09?J`(92`k#ADxkRi(Odow#|86BXMYgCWR-c zFBl_g#wxxQjSJKNvFi9G9+nJM30d4fca=Or$ikccA7&rGXx7hJWR4wI?cS6EXf)ImYF`+e<^8)ZC#arlw9rwfglgJ#GFW51qVVS*ulKz8I1aYT@5)ufwI6hZU3M z?(c4atTL*0omK5G!xC`^2ZwK0-IbOh7gb%+U6ZPnV4SjEH)o30mq z9Qqd|aET|S-DUh`Jv=r&fjYrVIL~p_emB%PZ~ZKqt^atu#>VBkCoHhlTK?l>9|80F zdl`!#l3}YWD;w?}$+qr$vh7cvW*Rn&j;NL9=OPuJgknyX(!5@G@WolO#E~1&gemoB zeE;znw=v&;>zj~k@4U}oEM_c9w~eO0do8*ueolz@%_Si?cJBV9oS4gM<5UNy#>{RK zIW_3Ou2xp$d(F9R^KsFRX3v^eW&ZfBAI@X&*(KrXA_{{=srit)W}LR$(dpgA6=utI z5h#9Oq!6S@z6Syt`IP}3_9m<6FS$FscbjG?N3r*VZGh4V67=tHZf=qGdlZv-`w&i> zSc~E61-;Wq)0IN{VVfLb?WD4yxKVw~7f8s+a=SW}nHq&jzGGa0*pzWQJATn$w{N_8 z;g2MkUcHjG%stl*I*Mz(e#LiQVzw&Vg7FkB3TVO%YJKLra)*eb#$N8pojGk?g3B<> zpyhAuXKYYwsdSB9b6(YYn*&t7wxPsXDDLidtaqKib0~KfD$S6zYq=(xp~_sUYuSxV zGIs|$VQ%?u2YjUbWxxHye{fllxtkbfuQ&g=vwgG?{k?)+@zF6x0dE2e|KeQh_sujx zWtS*EBlq=w?}sI+VgMM~Uit9bf12ZkS9AdN4^mO<@ntN0Pi+f-jeLeC#IUBO=9^9l z$h$|{V&pV$sVt+h&9}X5?JIbtWr8jocf6__nux3Ny=t7dVE58DzLfk}EP5r8Bf0&3 zb#QR7M)L0jBGCMfc!AsHJO?_Iw7yluxSMIy%X+c;uQ8>n1RiNK}F9WzAGc zy3~hkoexdNd*D-|qSL+b=}K!FY=ESnU({q1)NnVIuVg9}^SS@(7CZ53=h$+%Aw>A{ z;=7=2XpxH8fTq$rz6fGAZu49E!R7-FRXvlC&RO0<^4h2gW>G^XWqef8m(a)U7ck6> zwp+ZtSjQ(PuG2^%ov7w!)n~g?y(^C;a zR`XHJpx6?t>X&rFE_(?JXSGPhVrGNtlJcc)XzAJD>Vdc*V@izWV%4Sc{2_mLXTZ%M zVdQx0`a~l^({hSEzs}i{h0UQB>|<;o^nOH6FJ!!yOvv~tDKpmYti$hY>EVxCjT%X5 zs~$Q*HjN%m@Ihk;dN-f>9s)xvik_hJCypAFqAKNJoj#2s7n2CysHm_X&U!3#UF4Cg zESf!&vvro~-IYEQb6#Z*rzCWF`13+=-aj^K2%bdCp>rf2Cs+5st!j=3(%6<+ca*J` z3AS`nXoq%mImmCclB~ZkszC9W*15^?Q{}+2Xh{dmR0d;Z2u2?5YE-?qO{gU$h?z=% zx^%5=iodcG-wqBzCfJqD41X7(Y174{a}!b)<$hHwx+NSIRDXC4<^5|mVH9#Pp6 z@%p-Y-cujkSOdej)Cv9VCrkl8`_N-^y6aP3@}-peXH2(f;vIy7)KtQ$4D6ZWvnOyg zw$iSzV3ff-2V>Gg!3 z8FCPp+`R>UROOa+*e1G%(b3gS;r`R&3s5)2$@{K0H}1FJ`ZEe|;@)vK732!k7I47@JB&LbMqnR@eq_RO0ZnGqI&F{i zc(B`3xCK0a&M!=joj=HU4Mu@^d4bPMIw*iXQPWRMp0L*C9_gvgDHTnmd+EyWv(nxLZJnc$5|(}aV<44%`rcD_KYqRY6s`|) z)~)yyRT=S3_I%#le*@S^IZ~P~#XQDPi8HQDAlHj1^gX+-VXj-(ap;ZywrPVZ?mBlc zZg`$wd~3aJbGp>y&U{-h(_wg%IEd$@%&$Zip#MjL>1S-&G};kYCe5=pI(y6OoJSkY zZ_nx#y!Mbmv~G_T8}=!@gmv7vZn7F6Gn20oQMOE=GCGZBVRQFq_4}t84F;JS#w&NM zxL7;4f%E(dk%VXg{zHf73MCDxExE46u;{F|bmI1mL$U5Kp1`BactZhqhtGztbSaZk zL$T*DB5Xob5xAa@U**p)Uzde7^_~4a?{Du5YG?8rERD3>DBVZ3vIRc3evCKB=p89I zTZjNb3-xt(c+7YhrxJy1o7ABPA3t)I1ZWbi9kt(kv&s`@^SWt-d8J7bwMCAiQ@kpP zqOpl#pjRHgKBHW%6>Abj#F3|Z-$tc3XMgS%!qd@c0iZ(!yP!>Tls5H|iNd}cx$vk1vZ}Dw7?Ps54 zulI)%Qo`S_7Yuu;C%moTzCC1Ztv8Fn{Siw2ODmtC^a`h~EBZ%YrIFDVwH8%q(ySnT z1q-fj_|GM}z5*319HXg9Yc@sogg2=8VKi;AX`47x)Cy1*YMd(PX&3Eg`>$SaTip*t zs|O49lig;YER6!?u{x=P1?v`%(U)WCo@b5*3zL18N;wMmlW@{*_)v?_{Pbg#;)_hF zYZsm8?Jj#a{)}gqsLK_$lAjZ+?Mg=zHbSq}_5I1Ag*xREJ@sgpNmSA4Vxn+( zfqwS%q|ayfv?H9UlnQnCGdk_ip=>aGK(Ip>h}fKS_?4-Tcb4r_AKY%{FAovZ7uxQB zM#7NM&*HOjA_e)MFHHE{PIr_I(nIp#SelYyyFyUQ!~9OMy&-3ymG@ma8nD^4Ax>+` z9qqU}i%8b+Sh+UM6$eq?S#t8Edx0(MC$KI2pmOu-fUv-Shg>v6+bCX6asV)!6F;YlK$vAwU(7U z&l`e)y_uQn5%D2XNW&iHVtr&e;@LH&kG5jd-)zQDj^nNweOa>RmMze-5K^N<0)!s5UYV?sQE-S?4uS z;5QD^84K7|Qm#(eL^wr6m?e};N#gT?Fh!TwxdL9ys)q3}))k3uK7ANzy+*x=_r2dH z7ogRWU~H!Jx$3kgRraspK;1`aKSm!UCMufL<8Y9wN%6)sZ+@DuQ>N;Y;r$qQv@yb%kO+nOa?Ab(a0aB{BiV`e?1wZT#IDf=jzVZo;<`S&D(2KnlhD-K!2t z*=iwOe+83Z3xU#BJVkdnY4x5OScn6J=)ZRX{OiK=0NWRZ@{HqKm8W zja{%X2-(=Ee^LFKxe7}@&9%&*5rws_Ce|)+=V(ThR}dkx10@H?1)LQ`s#;rlXyt-U zORRh4hbeloKIU#6&$$IjN+aUAJ}J&trl&Bapi(u3ZwpdxuIdl>&C>2=PG4fU~Ciu53$3V;nk9>cyT_6=b2Wq6zcwM?q z7=QXe3Yv$LujpS~`pn}ud*2usczWlxm_7;^Qo45yZ2#UK>UCGUo}_=dpKPlQ)V*&u zySFBP(XFIyeS3APF`AR}7SvoIBp=7_sDsLT%WK1YM}K#3B^jLC&Fg;c;`Iqi046_^ z!E7F8zOt)pCq+UIf8A4A$DXClE&rS=4A|+7S1}}izhpg%Gt(Dz9#Jf**=0Vf*#?^P z_^Mc=_B^Q)sn65+m6D{0aA4y$}R2P-{@H0J%OW?2TD6xhnP24dplV`6nXqHq8O=cYK9P z+Y~IjX>pf9!nuvk=iVk8jn7I%oKgy>cTlN%OOl3++Fb=__>wCZKGPTv*~B5yn3;>Y zEaM58EApCCLz^uR%lU8fqQ|;;W}Bv7Y9ITY81w@WU_>qywR6btD&_RQV0e{D9#(E3EVCLxz4-Shc;To z+?@0&0G0ccQyk6{HXDJ&_t8!H;HOgQbzwpC&%K+aDmZzAZnBA0zh9`Oa<2FvnxV#` z9G@t7Y;S{Rsqpi#0y_71<#yy%sEb1B=&X6_9s0-p|xAaS-MzTlk?V)!Teykni3VNf$rC8 zmackvx3P3D_owN5n1Q#~Ch{noFt6Uk?_R&@za~Y_Fs0RtJFgchn82$RH zMP!NBW!F4At4V{9RJx;!YVIbMa1Lz@zy1RYd+`8SM>z@bKH!;uJ=8c6h(SJIHR1)2 z&YZ|@vuJOxzI>p&qlQ$HymgE3E4&e%WCE>frPB!Tuyc0MFCg)KqIYxWzNb2$PdJKZAUJh|jv8w~ZhGExkjoJc$P+$WyyF1#$|fRGvR^vD{gf zs6*%0NZNJ6`;uEB3eStQqQ`#fAlq)U&` zPOXyf_C{-xY@#$ShS64z&Qk3(8ad(p)7Es}3a0g=%2rd*JpC8`^ zpZC-vUV$iZ5^d^FQ@Lz*h%PtR6S;Q9imz#Jq-6+0(m96}kvWtDs!48xOo3}xwS=*hK+AwOC zYKQEdyFcz!^?2JeXdKkVI*e;?c8 zt!!FwyOoiVs^t)%g-97u$15*oy9)J>K&K^)uaXRD2Rpfc=9UVU1O_-3vg{K14#MZ3 z2bNy}ZC85WhMrl+-FkL+wFsP4bmQ)iM@5?ry}zkXF?~4O5zt6})*jdc052z;T@s=Z z9nRad>Z_$c)iAbDm(8{cl|*+|Rs{$?HaZJvy!aYWJrQ2l$I)1E^5!)g)d%PO33WOJ z!!5?r*DJ^8#~jD}pEk_F8V%0EFtD%vLsPfQyKBl7X1XIikqu@@AOTX*0CUBRIVI4T zh0wjE;w}ulX_vA;7h;2`GSOI2!1-CVEp55oO{R9QxHR97%x(u2-z zCersqjQ#5Q*|{Sz1!uMe_0D9~%E)UiO-_Wx?uBtY{7J2(?v78&L~f5OL8Cf22H1;( z3$Z4cb7DR>JTe$k{idcdDmpUY{Ek(UJ-33Ez;k&EV&m2hYnQRHujv9`cKjudhG*4)(n0KmO}(@o+AVPaP?E zE|oj)@p&xR0oe9_Bih1lQdoPmuJf&uc@*g&_6ENPCiNRW#Z~Sp_bA-lX6my!_- z4%=*e+sIc86h6{#B8bbQWaITN(tw`@+Rd9oM%QQfA#+sXmK_YeU)A+ItaR;;dWC zB4KcU#Cz&{GCqw!_k7J_nD9vpZK7RsyXo*;x3ky_;a|Atajd#bC}r3+yu;mLZEcxe z(?FjWRL%Ww`f|U0S63)TbfFCGG@;=hsl)HimQGVdBSNFvJXECUnL-ou(de_&)^CG5 zSbd9yry(|#i>VUMryb*onJ_%P_GbaRX@M`}h|F6veps@KZQ5(_c~Rno+nmi@(#^#a z(ddy0Y)~yscgnf0n-M?Q7BxBqZ*_~Z6qdgknun>=63j4kl2WR(!^FzZDxa;-;7B2+ zyCym*Ptfd^YjwRkPuD^5i_skZ1Y~kL4Fm07*Qv5m{e-jEi3ocu6yc)^Xr;Wk;$*+OADE)HB>)GB8 zB#zd#@YV2xGHF z86zwv6g1nxPuBf$7WZP4szynKc)NyC$aiZiwph}0U-?Cvv^7geGlzU6L?b`w!gzmK z8xD`m-q?4?DA=~hL{hO0@Z^z?FOK;o5`HewmLZWNU@%=hPhCXak-{M5%}9ePap7Q& zTIfb4q`N9TRV+C`w@LqVebm4|!;xo&mTN-A{mIA!D!<_L0!Xhr)g?C&{L?DrJVJOz zPL|$sM$Z;4l{nq|%A^T>G0xR4!e%;W78!RY$35{X{aHhx0&3wEn@3!2DyW@l@cDX9 z?e2tb0kT8I^=meyWZT*K%nlqd5j)&|r~3@(upOfp2^Du(Y{A&kSGp9Hq;%e$(H=y6 zK?Hqdd)DtNwqc1%Ar;8qkXV&>pxlL#rweDFBJG+c%DDy)2!m1pNL*Xz*kS(b$dfzp zfL^|=ipnO&@&OJP!SfZ=!72;K(m>US7lS0DUCtnai&;8nSL+Z{)F2#kl#~7SqA6?Q zBhJ=^-~#|_pRMBb-)}sJOyVzp3qbfYDCGgcw;ZLc>Mc&*Hu^M(&CF8Tn!c!3Jv!U1 z3w9p_gCcH(Dna98ih7QdHD`$TV;P=02VXen1l}M?Twl}>#8pRve69~|PUoPDGY3^n z{Xny$!sG=nAhPka=o+YN&D@=_ z*ac5P60EwcGmffX^9I{l*2x5GtWAE(*CKg0pZg5^;hUv>!A)CGeQisYt@yW0`$IJO zMZ7h=(PQJv-YfIC2Ag(os|VM0-1G_`+=FB>wkn5)nyb5XLfYgu#JtUAQ}=3-+^Y0_pkii@tQUUpAWkTz(Ef~L$4d0Z zSgD`q#hj3!XPkv9ah0Z?ed1|9m}bo_86I!wW$o2>p8-L1R%JzMzTLa_pbV*_Y&fqv zOY&_&*0`@(5O!aPs|p+5Ej(xFv<|UOej9j79MN?996BskyE(A_jY972xr!bWv|f! z?TXM^iwe(+J0T_CcmTIEnarm2%5gZyEHA=_|Kw8ur?o8p<vkR?ijUJ`lbXOC_nwm>GRYSXrhpNv6@}sNhF}i#q zh-(%|M0%>z6NgF2Tch}hZU-@)3t=A|kmxEv`TK#J@!4}yq`U&svkN3VnTDw_1Z7G` z13i|S%5Ymc@+nPGY$ZqXnP|Xdd=^3&Xg00~wQ~J)I|A59U&N0LZRP8?Q#C_ky>UsN z6&n^k3fC8W7wzMt|9-8(R-OE<0lUze53M42j%xho=Eo&+^)_LH>&v)V6`x;mD2&d- z<|763TC+v7m8z9+>?w2Ff#@(pQIq{GXP={(?2laxl$-wbcehu)ClO+$Z6!btf#x5D zz0HtL#~@K0mV-9Q=G)}0vq%Y4)k?RX_utl$Lm=nMHJbEut`U2t1Ss6+JMZR)iuYdy zz-3_zy%L%Rxr3jP!9fB)h>Pr3^TtPhI5J3xlA!A15a7`7&pf{UQK@71RHasSul8E$ zwk*ON319UIM?M1uSek=X3I}}LT%5=Z3W)>*$ld1h(F~p)-x3y-VMa_3aqUxeH!Q)5 z+$5d+h4{MCHz#6(JpE~(>s#!Jat9TdP9S5G)M z6&)9hG17k#Nhg;P?Oj_}->Hgy<;$B<7&QRvy8_YALo&N>b5%3D=UerB*1X>VR(s#K z$@V)Ss6I&HRlzuE55OAc5Z-pf+VOn?3tl&L>zU0h7$I`eDZgWzIKRy8znlyW8_oSqvvR~5WtJ8e)4_5{78?PloZ-jHDS+& z%%L~^ES8T^Wp%f7dIX$qpV^CoTi`mgGvQ>*E?0%X=8dmJw+-d4LtrF%-o#e_eiC-vaZ$F?)- z7Hj{DpCj&%Cw@l}B+`YG#m3*z+5HpG5L#i7zQl}LB==*P`zQD*T~4+(}Zj)A4~05dmrUxo=+(tnU+JT+A&LydF5Mym5t#^L2Kse* z1m^9)4w^fmrWi|+Wbt#GdKymeGuW!5uEYvowauSen{20te(|( z^^w{(E_d{)NfPN+dDaSyO}`F_|2ae|laqPW3IXus*Ka~e zzPIJ=mJq=EFH1Wezg0Nr6A&vt;C!cBm1XY71luHs-W4H;K(pMhhv!N|>zwO$)&4S} zo95>;_V5VDcnBk6r^4+ zHTC8f+uc1-8=3)pzR2`&WL4*c3-}Ep^x=b&$F;jfVNC5{ySuhdIZQ_=GGLZC+-$99 ztMm=|99V0Ui05Y+IJAhUF*2|k{6o`48a~Gr>#?2L@7`0Asohg9%(xt%5Zl_C&YvI6 z$2Jn5KX3ul+ECR%Wcd4g+@)18yn1l=&4E#*N534M$uC~n_sYd9sCV&klu>v1^Ge2T z0X-bt!0zr&Ss>^u)9~Wb3BAi=V*_7lv8hs)gi z2xL{!_T_=x0$M|*P9Bcx&mYlANm&Hu)w%wkWZcAE*Clfbu+Y$^q!?LPy0|V^kZ&$da z{mHL9e0q;D7bvJJ$Y6v}EqPhlN+<~&<8bvZq3Pf)Xr`uAv;#~8)blakSD44EeTsSj zr>3E8o#l;uBjMYb~y$5$^N|l3>ytCZtJys9u)=o zKpzYBuc_;WTOwRNDU2B+%C@)KYac1w;a;dBsFi3~IQhLt0zd)0nMyd!ulGB)ZVDcS z7Oca~^;Y}OtirV|WT{zMvf}OD1?i6@m4n<5gD;R%u0&iIowKx7>Y09Co3^bjtylehW-Dz?SVhi09ynD2iQME`(A1km{J z&kP16e*Xd8KltVUInuW9-X@<1zuI&OLkbv+%`s@FE$hbV5ldk5N4~_x(UV889DDx) z$AL(|>Qu%xHtB13#cCW<9y3I{`IeoO&*r_rYlIKV6BOU(mnWw8#^MoM1OND{574eS zLahG-j_1I@kNvkV2@qEKJCSgDtv5kZnX7c?vVIeY6*a1jE;XYC;pA+Qp{G8*;gkD6 z(@$u#1t}t1Hsy=}$WS6~eCU5Y8rl+-!m2H1 z8V!5ua0(rZn79ta-idDT68iD-UWG1^DO=+2U)hL3ytP}&?+;M=?{_1BG!#5<4f)G^ zJv>6?6753$j>#e5uTTBIozDR*=EFCE&i}Xn|Igo5kbz5c5%_{t|IOj~7tz-im{4xt z+XeqQy8pTmHwOW@R1K2c!Svv|{(m2z`2a3l!>}>=|LZ~kP*gI6PRi~~z`(_R6&GJkAuxaa_wV_~H~h$eLqhW6*|TTSiHS_t z=ah`#Zn@uO28|x?i*58}73IG+G&IQZOLfQi`uY7qJd%v?iq6fo;5y1GJAT{u5VjA;LIewc`dt_t|zNJcrbAi1An?Pue?X@6R%cmFq?$&TNz+> zTrLkb7jW&RP#`6}mXS@q;P>Jb>%ZAOsbMrgei&6XNnqTV7Zn#{{%0xv_gFOGwJhE6 zXktgRu-7YWO%&2-Rq(m&{N`kf0pyrEqREH;1qS6^YU;fYna~d_L5o1fh7uCwYuiTJ zUP;Cu$p!?7@yep#sDZXXTYKKggNb~Gu%x5V@v{$m9hH_$-(|vLu+VlZhfKv>fr6_$O3Lwu=C|xXZnJV_Wo0U# zWmXjWHC?Lc>qeHMyqhwafP-`ut#vHm^hucA3FeRdBA=m5c~#osdC&l`bTg!Ds}W8F zY{d<4iAyZ{G`t$;rc!gA0pdi=0`C6tD&^0CxYzP=motNvez%VOmEqlgE(m;?&%Vl? zr7Lg$XMOzl(p;s*QDad^I%$yLg5R*Bj81^bk<;5@iCo&gzP>Y6?QJGuBs?oS<#qDQ zUC$gwf9uXv3BB`g^f-(324be|;%4gWv;A|ABw(|SPVNqM!FAsuw`0SRXRotMTUlN2 ztAHC+Yo-D%vVOOJMT!FmZNld_A!QD$%ofvCVIMwx&^h+FXq6pFlkoDo*#lGlH#>f$ zTG^I3jp!Bt__=&qCG&5C=O8aHHrlb#_o5i2lDm3!tu9K^%S<}a=>R6@*aG+9{71b z^+bJrieL3#I|hVVlB(gFDtJpk8vVGu5nc4a%ng7s;=~cK16ElydZ#+1W#7XvD=o*> zFlG+rR5s{P!(5n=qU}w)-+rYJTlKlW9^PK!Ay}kdA?nkZ&oscN^?aKyGy9j=|H`@EeAJUHiI&?KUw_rs}iH zfzrp52mvw%9YyL-uhbAs*I=yqp+Z;)o5aNLRa8_EWGXz? z7U|G*E9pz6y}Z49MCnLM|6IXoBM(N&!UmZ^@}E1BIXmQy^&rdX(gS-OZ@<19U`sN3 zpI=88YgifP7X6w{EdT z$BYq6T&Q!|WCe`MxN-QxV(F*hXxyc!MAo);>gIvA*CEbYTruAZT=xy? zdLqPbS#`&kPDPl>;(OGG)x&1fBoMiws)pdZXj`=n_T^P09+$~O7d9NfI;XwN2FTR5 zK%3O3;ib;#*wsnhHa+aNT#2`BmFWe#)kW`f2)y}hrdS=-!@o6x<-?zm;AV&zzkH1< zdQivpWItNJ-W7x$PQaG5ZL+dw|E(`OwLj8WsuFS|Mii66M8REqCU zu1-(|&+@9BFOGz8lugYD8AroslyIO94zuff5TdavMNsRle@(S<`y1^#r$npy(sq*h zCcgu_LuPHSx?T(<4l<&KLH6by+|^EeY6}aCqs5a5XVG++dFqdCsn{Unb@Z$*$MrIK zj;NfUZ)dS6Y~W8Dhdt<>)BCVdCFcqNeZxqtDnl!;BHIOrZj~NxY_U=$y6! zL=)CVvUTnxA<;8P0xx}rUZl~lvP!HakMSum_7gNk@fw?KXs`+dCPP7it9Zo>Wg09* zhysK|9OVoW;mL;*B-6_zQD6H;%RdeTt~bDr>RPY4s9FpSDX;cstDB*Wp`sVREYchx z>0T--X-V=BZ^Q46Ld6u0u;s}qfzOayc2D}4ZYqQ&gBGeea?un`6QY^oI_4PaJ@~s* zpPswh$>>69FW2=BN3=b+a85p=fp>rlk*i;yWdPK;&O3^SnBrxK>D>;`sowH_eB`Ijq#<@wbI zZQ^%HfbQsYi37b<<%^!!DrbtL?~$9}e#&E|SrmhXg=${=Zwe_VX$BY0mT6eOPKA$m zjz>xvLlYXGy3O4A+&>R`ch8hWNsvCTY1{!w!3wex{PY{HHrEYTI^zxEjG6DlID?3b z0$zWDF8OUdIYcy(((Xv^V{g=QN7By?lxm7k=L>ftpV~cihU=To+M+V#!wc-Eiz*~n zB0R2g8BV#4rbzCH97p^jVirWCMNm*j4b2^Fr1H7rnKt-w zPMPrP-8z4gkPqahupx+kMrdxcHr{b?*gdz!bSX2CwRN$}nC~Z!GvxsparHvBP8W48O zsm2kkciCk8T~`k9`B_T2XY+h(hH|CAXdo@tt0cJ~%sw^n3|JFHJ}+ky6Z!Gplgs*m zxDwz}Oc0<2GRk0mud-gEEBOiPt>6J_lwlCCIkP-Z4lR@|g>m-KU<8Oq= zLJ`+3xZsC~P73Vub`CP@QRNNc$!tHcc+b)Fn=6!pv zygGuegi1M>VgE6R3R?&-R>iTe-}KaknLv55)tB(Bw8aCEVjcaa!FJzZ^L1B9a!chQ zWc_WD?ooflKhmY2!2w~*`4wpz1-A6Tjpu;&^y*g}+E7cjarqr0Dv zD_rMALB@pcpPDXqOi!)PbSU27JmgC%i6BoBz;!yW2HB3RT7jxKEX70cP>+Mw7raHt zi>aZ+0l$;35hAdOe&2|g7g=moe7oFc-M-Kx9PZ7tn+*Q)rA%%sM@8*p<=s{jaq`ix zax-}L?xoxic=3VmkGTI?gjqAxIBKY=(euJUwsa_kmX=n{z~j(een&zK)er~mfDA&p zM}s-DqgPE!x9Q-PMa_VXc@Dag8Q2%oe-}WBbMlgq=FEs95qzeFfV9Vr#L%EAOza>p zana#uaD&vC!?QyfiSNF--f{%N~zq0!e9~XL8R;2-tuCB6AhT&>lf5Di*=YNdf3001bZ#rys3T>m7=swQV{NU z0A%^n4vHBXRJocr2?7klDZ<+Gb0QVLP4`ImVhj*UH7)NQ3PSP2pSgghSU5ISBpTH}F}oSj zTF-uAW@yh4vubU7eUy2`RTgNUba+YVYp3fv z+xRC84dKi_A*1xVk=4#Y>s#ID{k`Wsd!N6*F)~Il)`L82 z-S@h#Ip;N}%)5vC-eJ*%X%|R_o)f>YJ_IHm0o>*FUuY<+-#eGYH3=Q03e!0`r|@{JAbr zAgk{*-i_tYz6R@b*J+LC@jh~iI|p$DnV|;7bk-Uqh4sCDb5h%Xw8!|5vBIFAT;l$alyK7Lx~}I2pfi z*IJH@;qQM>bR4KV6tV^!5O6apD3?jkc4tvUTFuG3&$G_Fe!{hulpmUKn@Q04Q*9Sg zg8$x9P&z|75dV8eLgxL~>_82lTNPHT%N<$8r0|@1AXRq%9gaX9)Z#YY&)*z=&KmDa z;K1gz<$X#;;(XWAj7zYJSpt@T5APpwlx0059Cklbwo zF+>^A_s8@mZ0*hDyV!SH@EM#$BH=bvca8N9Ke5%~S|A-bf1-s#oh`di_SC>+^_8DKK^>8#(cr3$jwZ ze!@_z6YtLkD=Q3WcZ+gZBWC_JC;o5P5g0}MGZBD`w$2KvfGnA|t)p(ECR?_xNy~i1 zjOz5EYZ}eXry?!!cWV0!X9+b^^`ia&mbqgf%JQm%D3 z(2v(f2>iA)+^;Pz?SAxk+Uaw33vlf^@vnS0dMg$zNcL#A?CHi-*E-QARo2CDXPm^+6@LLmpsY*1_+Tuy?QMf~Rk^IvIkfI3ifq7Q;47NQia`CZQ+vNKAr-fy zJe0NuqBz#DPYR=z%yE;3-Gvt7%lpK*Ni5|WPD7oYu#a{Uj62SOju}@_1P4(JP99zK z?VnPjGzOjOk{r+KUGF)#k|yWRUiZpRFB6h4?2`)8o7`7_pc=tH2J7UvwXL^rRO$PW zO#YDVhV8y;!t7-vss{+XwK{dY^Yv4t32WJ!L50CO-Ri3s+k3Up0}?Va6;?#KgPcFK zLFXYK{-%8+ls4Gk`Z2x9`>v81U84K+dTP5bSs)T|C0V7n zu=p&DUIvH>@I>gur>%|-++zR2X)v8xHmm;81bAFiR-Se$^r&7heyKUG9kU&Z*R9~n z>ej+w%z)fqT&dUX(Ua4gz?~piqyK0Ngw~A+{G{E3?7r`!`mmrQAR0gYOUS|ZDMHv2 z>U%~;dcJUzgEcOf{+Un_V7gt?yV#Dh*ye)CV()iz{fl=QlK|u%U7IKaP7gw0whIet z;j~#N!r!w-^^7CnQ>ZKeB=^zg`Op%?!Oq!CqVGiF>S|u7CX=iCE8t99!XZYw@ zh-h|!*jmQ-NoD>(%4!NSum0H_N7h7U0!`&xy&eWF@6l zi(9gVW`bk}QDZfiG`z>*ndP#~J_E}Mm7q5LQ^o0Nq%q#LAOCEX>r!JxFulve3)4DZ z`R(tO9Op15};+TU+$&N~no3HgQxdeQUQuAoPE9 zb@+dDb&a8|AO8-`6ypDn1fM5M^qB4GoA}c$>X5{XAgDQW)CFy##-n?+!u)VmckaBJ z;15t~YhNRuMAmCWTWVYvbNz~ydW%$B1skWLT9YY(!1U^c#CogmPX2-L-4V`=GN9mB z^4JxI1_okad(2)Cha$A>?89FjONZ$UM*XxH2kvP6D5z!it9V*XZ058hUrXEi1X9ek zoFh*+syA|x$6Xnzaj|?Wty}d{Fh(3gg|))0?osS4c1{~It`!@!{ZSav)cWb2^4peD%o)Vbzcn4t^Sob(giB~5+VZBu2;yR0zm?|NGX5!i zcbK9Q`(ig^OSt-m^+fF16#I|MFx06zgeYyAnS3GB8K5{X2qjH6ltWdSZCKgc5vnc+R{oFzOY1Z;3Z21B#6dfeYJpcuL9S+197UgZeKAs+nK_;hZ_Nyi)%=r;`N=l{fw>dsH%M;gGX@ zJcYClzs~i@t`<{ur?SLio+81v)yf9wdz^F`&DSzxl7FWL$t~Bi{#Z3(W`8a{^YPcD zwojO2Sp+9?>f?Iv?igOK>t3-~uNHo@>2h{ijqb6!QM*vf5~zc3I#XZcB_$Pc5A8?_ zcdr&RvjWe=p`f@c{@k2dBm}LmtJ~+CA(iZIes!#)i!RU`{MD)C3td6WS>v~So_ime z0s#}6QBw^>KiEeC4NTD4bKYBlp)YVolOCv#wt@zdboa8bEV z3(7gsm)29hE{`_!WTM@Dm#c!Sb)jS0&Fo6v&MqSP9t1*~0Bc6G-sxMQFmQKuzX~CJ zYU5RD4a9Rt_c~yK3&>q3nY_N8CrwIknkH6ctnDz+q)>huQYd6$tS=g1cH$rtB8Sp= zeZGs~+uNGucV;5E$vHM|<~G3Zm4*^z`qu(F2bXx42)utQCHcqfIolW%6Sr|Gnkx(} z!pOAg!cf}4L_(9yT}&UHHsy-P<4@=+$i&Q=61G{z*ZPBmRIxfQ{08@`q$V|gMxQN> z{T;x=$%0eHAL(=0Phs;qCzr3IXKi}C8$UPRb@mp#pct||d0icfo`a9)HQ1S+(EXe2 z77lY@>1sn_W9rqP$y~?;X%w*-bG+Fd*XE0rB+=8wsvyanuFHOwDrCAwATx#vft6Io z;rMO&`WIVk4NlnQjHQzG{c%=K_ju82Z$q4%3d%$R$6~oigB*04#-Y^z&1f!9W?i5* zlRy6($@S{$YONi?z_`TPA7LVye2-tRRod3puJr9!aCCn5Cjzq)<2i*v`WZBhAm4t> z;>qvMQ6w11 z75L)Iin!lopG*Xau^*HsT)yByU!XdRsIV^auM^-s4HS?R>7O+I&PaD+2;=AU{CaY^ z{~txS{plm6pT>F@ce6#VBf6M%?!MtspvVO-hhwR1L&Zk79Zy6-Mur(Q&g;|NrP_^J zjbj-PB-*JJCb#^#%1vZx>9$qY{XPCJ->TC=+kKhB2Je=3)9-HYc^fsyyHh)Aqo1eK zOQ$()9WYCVtzMhDo92s+)uUYsso`c-ORCR~7Gvcr7OyV1_D$mI=k?K&x{2fI1{YaW zZL}OM_R-;~EEMN~bIo5u-_P4#jgoCIlWaUP9!u8yx^Hq3c}+s7++0=t!+Z&h5zewX zpEr9B^|I(;npcZTw(i>XL2~`kr^SIP~9M+}{N7m}um;95g zX7Zz-YLV>l@0@COPdV+Gp8zZ;?;a6vyr$JfPbrAWs@op}ivVBuO99~7&~|b>qQlEC;bmxNM|wCTrB z(9Xd+7wZD;ge?Sqgk1SL48sbr8R`GKTvp%jHro)*|4H^s>w`iB-W`>c;4O%9L_YIv zmuFDhsBq_huS%4P645G;^NMOFf%@@~<3!Lp(s($Xw?GdKMe`KU;_2llR2!4z{ZpcW zvt8bjWBgNpqj=x_+jElublt>GWMIrKfAV5&v0UiD&(Cump@~dsHwKtR(y$bZ{ z%80{)Hc=$kjn^L=ocSDPj&B)PVW=!8E_3^b1sRI4iB&FK)a9(^Xf*nkm^66p?-3K) ztVZ(3^A)Tul$vsQ+;}Ko5Wy54_f$5-loNaz(ewv490FTkreSSQnSJY!$8-Dc zy0>vP=^MMd9r{s1$f=P@eyez#^B((;cS$sQW@d3F731%Q;gWvpmj;t5O)urhOp0vP#~yBonqJ>6QK7Og zR=e!n`}Put-S5K|(wcuBo7KGoq6LGQ{jsMn1Y3VF@*`AeD<>mMT-Vqz1-dW2LkH5j z4}#pmIe37X&F_ovY)pC)ZR-wr)ZquJQueh<;Zer)tv{dc4@uzTOg^?ZCf**;0T)&2 zc%nWBp9w>bpj|vs!M9^Js!|N_AkuK6JS|{$sFE+U^~G(ea)>|=zg4Y+hdZ8JW1~5c z4Y7L~5M2KfOisS$>pom53B*T~xjpL3h%nN&5pEjUywtzaayUxL>S>!R#V`x_6b43@ z298P!|MAk)Dw?kpcK8vDP{S;Rh!vHscc4xlSLV%yX_SGoI@tbnRSplm&`ncZqaprK zN+YIT?b^Jw8;Y`7JS0`gBMl-32F=GnvJ z%YQNb&lP|T9`o*^v8?sps?K#CI~nBkYHMhBG94WA@_Zcg^}xO4i0{gFiQ%2dbou(@ z9}ki-x<;*z%{JevlYl4vdM>`AP@Y($*Zw2N({iN@E@AO{Mr7lmemcCWW@(QjQ*i}C zC~z$5I|AZ4c){`+x{_#%f&g`EW`d$k;j62XnceXftC`RWfY$ufx{AR?Hmr|iBd;(+ zEKeiREeP5Tf|g#D#dXU2jtT|YZ;8#W4s3;NUUjBx>K#&T?ye7&c20SJX#Sds4sw8) z7ImfQJnnTu^$KMOGN@>MN@3?R)qsLY=X991^L>b_tuqj7x}M;jNSWARA()`FuhCb{ z9!^c#%`ZV)6p6$kn~-r=M;e!;d!X_L?@r^qR+uPU!*xD^25d$TZruI(z_*6dF>E@u zv`h^z)){sPCuSfHGD|Y?R^I_jtMMa*$TCfmQf@ZW9Kc%aaA7Y|i_od5W`8VoWSc~? zta#-dn+}gM8wnf#>Kp>3t*xuhPnwy=btW=OHNl^?gvh)KgCR z_%BFh!t}e{-l{&UY@D;MwWiV5Ub1?C&(dD(QbKDFrFORMPTE>q30m5wDL`Rwxg#PH zF4kKNsdM=ZzzSsoIPtLW*u%x79@mEwCEzf?fWeG6+5iOp^njMW_eRHfKV@mFYV&VO{}UihAf zy}0@SCl=c--hp8JYcRS8(jFB&E$P}aK4l6zzi6Fw!c9%Nm0SJl4mI$)DwKN=Hm=Ii zD42_n!n2L)u*9Rf-v{3>QJuMVcyyfeyq%79=EBlh_Ws0@Gtw^`ntPTg%uWT~X|6-4+kkUp>)h6gsZJ6bmiIGv?c!_BezTqptSZ1U}Icbw_O>uZc&RrvYT z->bS!Rk_f8D{u&}_vtPM;hQ`>(wRq!G7Ie3m?=3_>)rgN-XA`jS7G0OcGeF|GCucp z*5us%$dBjeWVi6~bZf23Ftlf<_XhI1YR7VJBL2`A?bHTNI=6q7n)mf3^ia-G# z&gvV^r!SmlpB?3tRcAM<&Yj_A@HFU6WH+{GpsM;Az+7SPp8>L^45sB^Fs1I; zUOP>YR)7*y&~GXI445M3FgC`E<29a8IzL_`VcSu^FO-eAIAI8QhXJC+K%zr)yk>-%FN!tn)Yw3}Cv1!M!bM4sc>^hVcl3C`z<%h5T(X2#oZ z9q~?2Dj zr;}S!9pWTymQQc{Yqtp;KNboBHlged3b1C{;XC1a;`=( zNPz)EUE1T1>^Zm7thKy7L2@{t=RJ71Jcq~ArCTN6rksR5G?Ks-e^7wG5`8dGlz#eO z)ZEI)9_Y9TP>3HZu$>kS3WW!7B;d$L1UOrTQc94dk;JAQ&*D((q7J`-+wg+j|GMBY z10-K>^Um_q$|SNVu5gX#1oEQ(E=N&OS={NXe3aToI|E;9#tD-!U|81}3+_Nys z6~ggUv78_%(8+OndO8g)fqSgPGM!^O|C>3EBRuF(L|h!qb%6JSPn4RRoZM0JcnmNY z0R=8#_3=C)fhI*#N-E5Nssc)L#IX)aTb;Mn6X|1RFwCzyXS)~;D{8BQvLlC0Wd;B0 z9v5DrFEt`Nr_E7T`69QNF|NO5i`*C@cCfQuLMJeT1WBn=Tdn~)qt;$`QTB>pqqhk# z3IaVLNwbIJXVH#{m-A`dju74l_Uab@Me{7XhotxRv$Lh24J-`IEUv86#&*hIiZknC z=(Lj#h|vu)8ui-f&a9(hSY}zkQqs?7LfiwHqxhlt!4dXt$KRaR1B33(5Of={{nS?R z{Zdsns^V?Y`o%`D>wtKJJmWtVqd&k$@f4$@t0-^7t~l5~T7?r)+Ak=t9oc_!Tc(`I zc)E1IWu|dDb7PN5waDFUU3t!CmmlMmt!5dE1qeRJ^4(9+@IfGVp8tk`5Zwzx zc9kC3Sa>y`ovn@dPhmM~AaOC@EcOu-KK%|L%Fj5@qXDo?(Xj&k)t=PI~D|h{D%OYSk?pd;h9+WJ$xJLP^7Eig?ePp z?qFOC`O_y_X0wN5D|S>gLaRu5?>P4QfxHWoY?wpkEWNYz2v30oSS-$eYv=(~obMOD zm(cPQ~<+`@`Cjq<#q+9 z(-+skX{s1yX!yS*^&XK|hYYCiEEWF0R*1|aTS5zZ`izhC65IcMF=O)opB3=n50B{{!6GFeenu+Hvb#kT zp;Sg~&)$h;59F8rn`HV6vtb(oewv{7x%Zt4q)v6XBPq9Ia~Ojqe417y%ZHZa}{#~Crs^)|5CC4 z$CLf@3{Zm@g#3@^_rEuj|0d&C)CCO^=KE7I{LObCNq=J|Q#>ap#ONw)N>b+Z;;MIi9!-cMPZcH4`#2LE_E?^q#xz}T0NkdT;>QQ_{K z*E(i=cqWSP5d7^qQ{`8c3rkJ)-LQjTVElSEas%M*9t+^?#PsyC@-x%3dN)%NTpH5h z;Kj7w*B@_`*x6qUclL>wVruJ-w4sav>wW7#$PoMCptHa~UwMbb3*x}M9G6%{(=mCr zOhdF1$>L0ru6L+*%&# zw=HhBw+lBq)jdUd&t>W?iD*>}KCZ0CkxMQb;sq`e1#=ZLGSDzLuXg&6!%Een!7ZqU zVx7`|os92)CP4hrR{lADk%k1yU)P-{K7mDSH#T8QZ_&13M_g+~HX)Tv&Ch>^zEjB; zfTaG%2?mojA}Y0iecPe6TCrPDzc&bLFY&w4FyNy*GVO1H;w=*1y}QrAYRXSbV^L75 zeu}hFT~qT5AgOHc(;G$rZL4&lin5qkB~1A4a}I@H5#thm4$sqt?{tYVV&s>}kLTe) zbo6itDpg!#^Su5_wX&w`*c>w2ylj5kor_var4|PCru!t|Bhd$XwUTY_6E%(&iG-($mq9E6(OzMjcngUyozp1LN^1Zf;IS1yUaJq1+eE zE)P=!Wf_rNcYdu`=bqwxd|px>FAPnu<(JA@!so5;TlUZh2sW53Y>fe$9)~2&KY%eJ zK$cHf;DSAx*^wo*l&p9$p86g?I7m8AQjnKFY(}zJrq-g2fIAuuILwh0XONsO*GI3l z%uorPczfB;6n^3`78h>&Sq8fq!SqA+JLsJ2xN6OBau}YE0V9rm#mpReDQ#?k>~y(4 zVnG=H+2xwD3Kj)3o$_az`v&gN#LZf&Nzw^2-fZz$=`UN6O{BHA$0tJWiTTdm2 z(#uBY&m&UKBUkDZu!4b6jzjR#d(`-Z8oh4*+dFC!nZpka^!;&t@AOpbj`n91UlfMN z&*!__*Yy?duQ!X)H2=>FU}JoA4O^)n8T`MbkRyRhL7~7|7;w}`8%<=Sf9&9ybUMa_ z`TYi_U0`=G!O5fw*!|yZ)gJmiCDLlylDDkIV$PLpSk6G!YXu{B4X1qg&`Al?8u7xH26i63q@N6@4O#w-BNx+t(}hW;Zvh7}&umcC0BJj?dUKnnBr5Am6GeDr&?ax;Z??4&;B-)q~1U;8Twh6%y_qeXKH7wjgm zZcCBR263^bWCK7|K|IOIFm56DFsRbALamlEdmcekjv5X`;N-5Q zA#R^wQ?WMK{(w=5VYf5tUM0YcMStQlR?NKIlOihnTw^qm&5*mUP~iS_li#pW^~<5D zM1M=bztDK%3?>odyGMNS*=E{-*P@&?g=)3{#2&5n`x{uT%?>FCHpZdm+>RZR{###2 z(Gw65n8hf4$*XgVtX>bNRHm*J4(-Njv3$apl?*v^?6SQpzFaflX!Q{iLT;@Y@HuU{ z4vC0RPT)vw_`%G|IQ@9NmrI6cWt7&zVp6!mri$;ky?8YyL7xchO~CL4{@!SEtTcU5 zgXNlw@E!ZYK=Yl>F)md3l3OML=>pJdr=^lNL@1Rg=9`6uN6Ls8y4QNV_7f9V+6k_{ ztM+7N@u8l>-ecS~ssUH2ej`59!H!3vd=s+2f4uQXRcUSP+G5#8CBaa0@=9kL@lm-( zM^|HJbRe_$j{_(DN@ef_sy8iD%M{}9XSn-RXZKje>On79Db)wQyHno6AXptV*;ckw ziPm?T6n2BIuhP*%VIcdi@xi%v2XvFS#|t<|ho6y%*{hB9M@F#C%4B&XhJFEhAaW{N zEg3xBrrzSpfzj|v?%0l-N815J>Uwv)%;V?I_V$_6xQn(e3J_m3D-5is**+DQ|B}SC*)G^g zCdxy(;>ff|txd7i^u5JCg+V}@d2y*C6tVVry1`JUKNp?mXZdOhLPCu4o4G{Aj@<6&S8G1rX;+Yta|Zo^ zmXZuTLz)y`VLEyS!-%O%v7W#}nez-Y3;wXAvLr5yM)f&Lv(qf3042#x^zV-N2z<2O zC_N5l-sb#+5$T+!zb_h4bhE!Acic4Vb+qvqeEH_?8Pn%MR(B@2;Y0=PyqGP>*%N}` z_o@F<8F$Bhu1?aJ^ve~A>2i~TsBldC@;kFX7Uj*+k}pTCx&AB!ZciWr%Xrm$3X|(J zn`q9rqp^D6wDn>p1-0AS^yh*^`IhFlPxC%UDfL zxNv%~g5e#sCQpT@&JdDSU4nsRYKXJ0_oofBjBw>}RSAM0+x9CXhpT~TkC{S-9cqA& z1M|Uj=XX3`5_ErtS2UGre+gY$yY9Q-M(ievg68YU@ux^z!1&UF90dX_Vq)wvgOPe1 zDZV~7lz1qFoT!*C1m~ySt39fliQ%~?MI2b$)qKi$O14rm82XCzE!T%8=h18)X}%l9 z@-O|*oaQlK4ZI$fdV5L5h@dpZ^upYnuM2^txay1F5rHeoZr%g>czumM!dcpYi*B%F zRPSLg-2K~ST(lJlNx8gqSOm{}!OC8hw^ZTQEIuAJ(QbuEPSlh&wjUpT4A|ak3BeJC zu=5pwB+%R9c-)~VypLB%H`z$jt z3=qXq7B37@es)iVkZq}Br!RG+M3g6=TT{e8kFpGAXh2`u@7behwOGr~iJ!;%Q`#qs zI7_V17;Nv1&&<_0f(of2U$S3aG-11{)>+7QWMsR+Y_vVs(@^4WdoV5eHZ)%*aG~s| zn<?@a(v*BPVtJfrqK0nxQRx-s=7_P!kro8Zm%fq?x@ zdQ=!Uc^*bTh)bTrYOyYW{$TN=MrZUCTM&Xc7LB}-H;HQs-<6&>EVzn5)>^;@;p<5J z!;_JMyGb>qgv<>X#Mw{Ym%^4%)Z$YMhBPk$^B4M9L4*um!!%MGwJSor8C zkV#78d&VuU4;o^j-uhnBLKXJh*fbK`Mh&t_U3DBFB(YCj;LM*N3ucM}(0i30ZL^t< z+J46QV7=a8Jv4(oPB%^wF`0I=0sjU2$1ABw4CQvNvE<~q*~t&P`>fZz>2J}?=c?$9 zS>0)MISqW?piGXyy!;y5Hty8dCzc_m&8#6@RUe)8pzGX${-4O0ej~Gpq!_(0`~I&7Ke8dsQIWKG-=9(i zpPlWDFbxp&zT(D0v#3<+`~c;(_sr z#msN}EaH^v2H^BfV8OxMeL~hgpIRX8C^QSRgkd$%N_{YAODv+e8}B4v!oF%0q_H2H z;3#3uhm%$xVCsjkxVXz)r=*aO(|Z*wmz$K5iNU$uxcID+8y+EAFr1r7NtjfV@nqa% zXc(sJo1=3}?~f)g4i8uosAanq^5114^mnc@Z~5@>BmatvgF?tNlZrdMZ6BS055t&n z1*T-h8v@zZv8g?|P)p-UUHJ^kHX4__PliS&a)9jZKNqp9>W4#y(C3<4(>hApK-dd9 zkvcO)CA^Lsn;^PrHpgud}0oB{GyJtxJ1o6*;O{@lL7rIDB?P_^d zvM=CW+!Y;>aUX`&qV6M|{x40JW}8!F|A}*}I0Cs!3CUq)z~?x9xy9#>8rQ7RdPJ?2 z(4S!`mevnhhX}kS#m5@b*bPlS%1uNc_pvaAcH+}`)G^1KZ zvH%3<^figc!qN(K&mJ4y_OBsZ#l`x8cM^v$`<2-@5*;8S7^M-l0v9zvu5;gpn|T~} z_dK>Nk|4r`TVR!N09vi{p+8SR42q3%yVg}3tupQWx{H1ip@MpY8NX!vd&XMB(&`RI zJX>_Qz7u`~0?HcEVi_j2Rjp3gnO3IKHCWO0o=S~=O?a*Y$_W5L7cu^NXVthW}gv3G+nIv#ztC zd&j+4Bg*R1?9N$NAH*=1?>=Bq0Ag#t{ZLg5kMbrM*kRiET~I&Du)-D_=R}k|e?vdC z9>AarJ*oys89(_kgH3@W>j0_1;{8GzrFhHPZOT9@&d$u?%xsEx9LQU`d^es?E!wH)C4&KLzV(zK{J9JkxxmOBEAW2E4_ivi&p*z+g}N}XuW zkONBQ^CT-RW9oxOx*@M1Be?GF%{G0Nwq|&~n@gPrQH~0M2mDQwUw0?w`J3zxw$VSs zsFky?zHBWuJ3LE6me6b}v?x1V>DsoV@OB`GV9yH<|5?G)UqI^@ET$Lp3^@LAZ~Jqn zyZ`9DN@9)y=Ih1)TMFDxEtS-g?a=gc`fm^jsA46U4oikN_bnzCeBr7glhGr7jV8tbRZ2bY@O;#g#vrj_eF&ANRM zN24I3wAM}QGHQVMl|N3%<^%-_<pMa;3^Tdwo|Lb-vPW@~2Ymgs0Onndy>Li9!KF{ewmq$ra}s+FtdUS1%kdZezC3r*Jtrf=QCA`LF* zSQxm(0j+N-#SkZdJ_VaLqIC?@8y{C8$+8q?`xrFpmt`>`5Gf=qSRdxuUYc=6`o}wa z*VH-q%JcQy24L&QzK6PlpiaWKo(WX_UJkyCnZa)q1Ma|&ENETfcyv=Mk=ijyr&q-UVjDxZ5>ipRx2bTTtp1@q4&ThLGK4YBozkKsuO#Q5*V(L54auTx7K@x`4k5% zoI%_hFj({&)Nf*hOTM>EvD}5Bs$Vr4PKD&fWp!-QnFet;&!z6Nko&!vV-uv3zaA6g zaC&r$9fL!~kw-Kn$jjGD1x?L0-=<;@;-Yj~tY)}FD&j;Lot2i#LRZ=A(13$@bj~NA zfGj1Dgr0IVFzDtE;nsq*w=6Q_QfK3nNP-vT&Y|z`o#Y@s;NN`)KQ6t`QF0yn3>0Xt zp+JD^J(?$m);}NvaBn7mKGKaw02uqC~k7=95J-j==yxvp;l8aP=JLVl;=?yPfGCBLnAKg~(E5MJlU_D3$RuZm)+ zE~^glQoS)(Z@r0!MoieIXjQROUC2V7RpKu@M00Fa498Oz5ifgzSH;|7u~7b0A*UL$ zGHi+2Sh9sK-z+ugS78i4Ia_P~Vwzs4QV=20ee{9s*Y)q zTth^-lYji!eX!;2s5_{NMN^IzO3H}Ca{NjK4yVN~>Cq!PReniHBkdD-d78Z7o%IO@ z4L(Y1JkV9o?OGe;=`Q60%?Xm7SS*Fhscc+mRUqG`MZKOv@{7Z!SGw3oiUNpv)f8}F zPGOa24CQa?qiB{Kh@vMBrA_fKchB;B5}yp0g>#xRlEu=P%_EuyEiheyjnk{L>(-oM zpty>#XmcFi$GNAOl-;`yfm#T^@&iNUUNMc{J)d-MFXpjPIjoBH@}4@vXE}r`B%ivX zUK_VfwCVKUPldVLZw6yW2FdZ)BtgHFR?w~>NT2__uJ45sJ?fEusT@)l0(%>P_D0ck`SCJK6mt4 z))QXUTQw$6U#Y))a2#6CT24ekQ{jD!*i;u7Nl;3Fz)#h&$R(koB5@eStEqr)pAcJE2^w~kl%pISrE z`v||vI3Wyd-Sd>$FBXR1d@ZR*F77z>=(=o6qC%a>@vV3=-m))^UQit2AMUR_sS6^w zp}Sn%U#1jCINq?$!F(D{w}wZDUoq#$=!S9Eu6q$eJkv;6^0edfYIHXtJ`Xi;+5 zwSBV?OX`&U(Y||-UcoS=rJXZ2I*yE+Z+|Z(|C|B|2MVfn==w~!z`&bG9U!OH%p*Nc zhWxesh!F1?jhpYV>S5;wyzK z+t(0U+g2*$E<4hgwIu=(_`&PIqXoGkL$pEyodm!ClaQEp{uf#EM%aVd2LLwNMB(CLaiObnlRu(3Q0TN_w zxjuRL+8p4OLO&olske70m3WxD^b3pHlkdSRD*0^-C573zyty6N(Bva6wc>LSPnAnG zi&9H+>rcFI@m?RR)zJT3sUh5IBa8G-U8t_?BdDT?Q^-$~gnn%F{x zd%WJVwr4gM-YKkSiq)`7FVLk0y5?A{%!|0;^)@m9#iX*S4Qa4FPXxYgR_8!U6XC0L znmzI4*lF}z%o^B{698y(m23+WyjSH%VosF4J7Y9Z4ho5=l>M-S4&X_L02lUtdBk4L zdL&ivYOI#EIqPX%Ppr_ip_R5Re-;JNjDBQDK9`<0u8f82#ANt^l=$(KPX}e^f$3pW zdv#O3=^M!wkkMAe5tOlDL{5OQ+uPP4P zJ5_~lD%%iGPIe~|+QwzL9z(oAeZyccNoy)Vm1hg~nR9gRq?yd<;M{&}=<8ti*UTiX z9`;1F^mD-Gdys`{D_jZ@S%FkW(P}K05~Vq4#qRf{?rr}2QjPIp5m}}z+6P?w_`HzE zC(n0%wHVujFjT6O-7!SoHz7pUA7TK#Q0R4f-u{}PYnZ*lKg9)1l7!W_Y1cCtUgjWFjbLi4j-3+9k4t2VVTR7 z9Ga|Yt%SD_ggAei93fNkATrM2J!+BdrZw)TV{3czU^7CwT$gN^9V(^C2n8F(^WaqS z;cWRAqr=&(+--z8gg0`#D=UuSPrZW0Hl->(50R!&ipEhEjbxn(i?#MOLoJk~GO5jJ z^UDUwLao&KkWrV%zJtSG=ucn#D38D@_yq$9O`)iN*Bb1;o=fv_@I6%1kTgBR<>6Rg z=}&{s%Tj2>xXEl)BZa?ctiE2i-etoIU zII{`5MSx4H@`z$z#m@%}43($So?;+D(;B4FW5)=xdm_6kkgPK1Qn9js2>J<(An;YG zMqTO2c+ac>O$GnA&S6}dW?f}xYqCxQ{kQVAI9O00zGWc*Fs^N){Yv#;2$(YrP*Ih! z?ADWJ8kMRmGX#8BoiRJ^Gq}F9Ctn1*)c&yGTmh=Hy!0sc8dvson0G4SgN~n>TBa&B zA`W{AP?oh^@s(G5@YRr2X3dW0@x3(CJ%N}`%UUrmveQSZ)0G^QS-Nr1 zP>SOzm6`UR^>g|n%MtyFsOc}nrR`-OMiOHipv1~6;%Ir1QGdmC$P)JWCvgsSmH)yo z7b7G;4(wnTPy>O-<4~or8VGZV%<$M(+nXO+WnKNzWd;e})hm9U8Y<5n&YeS}_;l-@ z-2W|UcP=R%xvag?_^I{bt1xMQ|8zRnm9=2{%~Ruo(2EcFEn4aXPbR;U$8RU*#)(Q= z>wyN#9ub#!-y-o0So0+%tkQUVZz-gcC38=-WV#RcexznaFo zQ&=nnJl}3vAubz{qGpGpMT+&d(V?)RfRWMna`}N?!azYa($vt(_#9iSq1`}In4O0V zzmeKf+I@4nY$ z1FrO5L##Wa-Ds0rZ}ZVBYz27Bb=zxhbopW-9f{uTKu)9F=iXFyDw`KliDzC#5yo zayrs)M@`*a8bxB5%6!h0dX|kQtE#G+Ew+Gkxv3&6T#BVBbRQT`FhG2o8@3{UxH=d) zuqC(nN>=i6iua`ZLP4XO|-59lvhsFzH=Lu`lEYLmlx%F$5 zcRFgmKXQ7irSVWC*Z9yFlT&IiZ@DPluiA3zQwP00Nd0c?4`6|Qi+PtjG4`SEAG}=~ zcZ2eY!_WU{#M+r$KCpvr4=H$$Fk3j>ofprE15K9#Efdqy8I#Sn<|hgJZ%&tG`GmV#@X)uicu&bB!@1A+OZ@8?NI)%Fc zYiCPMeY<)NKZnSE{q+|JT6L1Kes?7{hK$*%9kMtoMx;;5c)gF)pnCkFq;q!rgSt^I z&7((OelAI?v$fFI79&36p31|O&z&h&N>53(_spdxfMRnFr>E^VioBO=o2%ZUjGni* zx3rHM9d!qRdIrSrsx&2{`C>8KW3)dkxQsrs`!CO3k3J zDw`VCw>*&NlZMECC~_o2Q`>)wkp$#6d`d%I66XVp+uaf$@6L@4-fyleM3$BGZWb>; zCXh&gD*!`rIK^-EH;4`hKSWyDSF@?>WbRHkWLE0WWqZ6@li7E!4fOYZvv)zHp-~|t zyMDSf(F}IX46rFtD$`T5074Te@eEWaaM!4h8;47QK9kZXew-)ba=R#v(^#QarA&S) zM$=z|)&c??)P5=Rr_olU*)1k>9nc7xE$3B9_*O#b{x0e?Om1%=jI}v;$bfdhu_McJ zV$g?b9P`b}MDFsYJUxSDXsK0_LDE2PA{-oZ$L6&p605m(QIGzz-<*-JOM`-ERU`1t z%2xEKn0ua@^e&FFJ^4Xnx469E(fISdRK&^Bk}YMVVNFaIzeqb(LzoDJ^pExC^xBrj zO55zX^kAGC6Y45$!;$5TiG5pf;5OCi>kSmii2WQRN-+QAWHuQhKP0rt+d8yry;8X66`L{yogI~*<|`74SVUeek3S@_JPQs~EnUcqw!*Udy%rbv}%M5a=h<(fW}K{^`Vmj_-{bm#-% zik(SQ`(Dgl&Oq0x3`L{CR1nFVB9WvZG4i`=C#*^LT>9M_rj5a^aQV3r5(bT$FC5o7 zNqd`(EtV`o;U0hggZUSl${+z8oLuk)*8h*Mw+xG;&9=XTy9Ey(f(Hoh8r~EMWKCBi?;U$Nt4vd==GMAW?XBc=t$BcyTIE%M5qN zM9TP5_5QSt8m^SESXJ~U=%{lQAUWC4MFsM-M}Kbe)`NPk;1qs(a!?Z}OxZ$(@UC|u zS}y^;yd16aqR?l|fg`OVgXBY^n_4}cN{g9`ZiDw_JL~0TDiIb#P8sb{6VQoY8j-D# zoOmZ0Mekf%`h&m5JcBBm8ozRrG>%L^;f!C(k&m!6VRcuPjk%-JBlbKNjB3ut+m6mQ z>aI{Q8a5I22>N5}T=?R`QbZv41@+1YRocVzDa*G5=Aw1JANj;a%1#Z57_dfqr7H?>fGMVfJ<)0LHL8V$?@^)dE z*Z9-BsV8MN&puwl-j*(($55HsckV^X9o#h7#}%7-6Fl5=mWw(+Qe0NZQo83$GZfLl zFds<1)@4l=9tJlDLl`A0=i*J2-CK$zzIC@zW((MC;j8dP1I^W1pc)DH{N!E^Yl+ zH3vbWho1LIt+$bZ+8*3zD`gLUo`-h1mPu89$OKjJ6w>;a-cD_-wz2u|WCt}cE9Wf8 zog($0Ax++2Zb%<*8rGbcoB}nuqfJovj+9fdbocM}h&q@aVbG>>>bB~#aX}+qEdwHu z1e~79nI5lXVXID%WulyXai;+yL+9>kq%Egy`1b3&2n~KS`JjQh2L`eS!NCd2D{lDFz%6-wmu@c zN*f2b3Y7wW{_&q@ENUSnDu|~ccZE`9jbEn05wg$PAC?w$2Y$rjg&yvfEyX%Z!cN`H zs_Hm5`Zy8oZUOL+2%yKe;C;I^BX##$f9H_!$$aFlg~&TEitl0MXQ^GTsM+}uL$8X{4ob^K`xu{&(XBEFN51&_DNaoZ$CvrSiXmSELLx$ez0w#QLnLvFvm9e6@bI^>Ro=L z_A884qml^dm#$ZyHjj9MYK_zMLlnvLFrc8Y*h2LmVq>yocW=Jv!URWJC{yF!*uAZ8 zvoPyoU#gU944y32R07DA8%&}?DU-iCkxyQ!Pc$4EV=!2wg1^nCc^sCiDEGZ4JvO&W1?#(=pioMuq9A5(r8pC;Ze- z-*?_jd`Xic6#PqOo6w>5rVX~unOAn>nQbC-eWPg+wQM12Y=Fez?hj#m{I*0~S9s0- z!Bh{J)u3Xr{8RCLHH?!DS)?(c;vE7#V}Jg!zyXBV2=bBV;+zOU&9o5i#&SkUEHq^ zzb*-zwnf!hvu zJ}bDggZ$~nNZyy8|ETtQM$OWWDKgM~Zz4(7s0Xo;o#jDneeIs@4H>7k?6O45MXwV| z+QT?SH);EpI!K60K{H>cTq|iDVE1?a7%;vxa;yFaY0Gq)_?Jah`3+$6n`VuFp zy||QWOlomnb%*KMtNsIt@U65_6)XN!C0H6+Hx8LDT;xuq23C3b$;42-+8<7$i;Twc zmQ>N$nSCPynvGV1%b+F)2ix;pBXS}+Yb?t1?xCcuY*4$z&v1?mE}vDcpjGc9q+-qf z+rH~oDBbD#Qsy}o#NANz{wOj6zWp|NL$jbD4~q47cM6pw?6$;$RIQ_4c}nh=Jr{?~ z6S{?C+L)^Cu02Avd2A+uyqr#4$R6ky4^jwlFc=fVH6Io8128)Kxri@%i^ zOTzJ59)7u;&;*~!1Ho(?;23}6y1ZD4^imms*T2S3|_T5ym=OR`SD5S5Mli#rK-*S z`?S9v+cic)*!^JOKW@n(nX(hD6a;601%DlyrO{e@Y4!A~sXl5Rv4AHQE6;gTGWo)P z-6=?J*oO#tIjHErOdyjPzab2!_LL`^C9?r;KNkAwCXc>|6xghsqKVO9@e1BI>K3-> zPzR1{|ImU4T#|oj_QVRW3y^pUE=FkTIPXELbNyskX*|~Wt#KET5D&Of{e{ zz82|4biTE}sWh#F9sCgzjwI574hkSR=M9;TrieQ1jk>6_u^{lf(yBk#xjzx9z-Tw$ zIC6oa*1U4HVt>158>ih$*o8q8udExONXV&0)t*dDTJb4R!h+zyfqye_C#OCu{6i)K zli|3S@8l5K=#=IK)Z*hXD=M)~N{4D7^jib!6uIoPu7Uyn!Poz3eG(g^iqQl{H9AVB z+{Ekr^~nD5s__hMAeyYD`Fo(Ho%LYmh+7y{HB1717KiN<6v+GtkQ14wYggt z*^>hAV3o?1V)`O*jUn-V95MA2_;pf~AoN#F_*a`YJ33hY%swiZxfrJB&Cd}I#Zf`o z$M$Ks#XJ81c+s~ezXUg-qoQUXemq43FL}bGEgmC1{aF_)8kZ#T1_#NnHuh@qJ+v?g zK@btWQNGoV)bETTQoQ>P*I?Al?P(+r~;gW2kH(4$i1 zKPv)r95B0s#P8Um1?0fJ_SZ52sMv$wX*F4;uExlmyoMz_vSBvGahQ?}rH<>y@DqDj zll3T$l=GQQ_Y(vii~C7e0}uZXjK@e*r@8BopJg+-4*@p-NH@m#4_Uku50VfAfyh(}wWOcT#xB9@rVFmw`ILR7)w{PTHN6lOT<$&*fmSjI z0Xqk9dMhX?F%$4Ohi`6eDVjl^wfGqeg{toiur{UrSe3p#@(R*~iRJz0dV zW;qnY=+$ob9H*mk*d6iAf|5t8FW?%w!#QO^&Hwn%ulNoH+`P9-6gG>w-Zb!B+z{d8 zG|)%<%c6$k2a|9f)B9h0NxyAiMGTBu5iq}WNc`|0r|d6v-d}%b{^#bMTF)7X|Lgnw z->=T0fxl=KkUabwz2>iu+JC-^hDJl}qClbxl@kA-rR{GN!M_|MB$y5AfGg>1GuutR zH8rX2(H!l^S5RvLKO4Gr-lf@8+rMtkf4`k;0Do5mo+HhRbdKZm+HD%#Dsw{fUk~&j zukt9t;n+4)WEzDJrZ;Tj9Y105Qo&a^{>@eXw_jQ3iYRfe&8?P;j}q=A8Mxk-^-6P5 zsmJ^Gn+H=tl5|HBe*g8!K-!RuMk8Ve)27=3i`0As9eflb4=yfXM$G?l`SGKEK^=&m z{K056Aa-yMe70{J0Ub(0|JQjShC)5RxcGUzSTil{{NVEX9E7ni-;4_RstLP2lJb?R zU~_YG|IrDK>3mH?yD9aJ6Z~Mha1UE|isS^y|>?Ho^Jei)Gb}Fm+Ru~ts2T%<)My+sxGWJ4^MuK?wK9rIl&S0mxA4{A^u z5FZ5oY##XLWHy?xv?#`9 z%qt}Fex@3gc?uXrFVg!BK2!am2t3YzFtd&O`ff76bW>Rnf%mIB>`rY4T`h!?L6m8= zeHV!!^cdf5wOz#@N@GLG;B*S*XrD{3wajvRj+a{4OXX{uEZO08BP1b)~mMH`V8a8J*Ky0-K zg+%>%qU4D~PTg8^o4;pFiT|%F1z2eLB}k*GM8V*{O+{5>({9<#k2`ydP|g1IE!J$A z)2>n~>fS=cedgR5bMoo$9*v`j@~g?p%8F^n4gq`7&Bv13ZHygBVJgWfRj+9-wwJx4 z2q%!PtnTDZ=kfsqc%`5@n*}jkj$PGm=$j(vveY{x@1MrQa_ydOv#szLl>8+55(SUk zp%`?fr%`}Ipx{xhh=*Te(WP?rPfm=sjy19~NfA`f{tIQJ3wY>LNgI65jBM$H7F{kq zAB>kLqx%b3`JbiiTo34Aj|WtZ*(dzX$;>l{gjcqa?zM2qYb9~w$=u70AY?ccYhL)AT0o4z@A(NkB5h)1Gi zA@$qZD@1v5{=xIJl+@!nla?g^#naP6aRn($q-Mie-U(MX0q=&#?T4=!;UP|x(@x{M zjb<}3fxwA=Za}N#lYU#Cr&6W(?*}TdN&1dPiL*3NvZ!355maqFT(HDn71?mHTyHJ> z#~G~p;;OjV-~S^NgX&m1j#=~W@#bizVXf1Hw}S#iS$(tZ{cyw9MNtM9e<91eDkY5| zG~OWD&Q^d!L?o+A|C$I4LlIK1Hu}lh%7*Q8RVJUg1a~|eirF>ub7HRcTc9j2! zrC3$=M6$*5r7*}#wL!*87^_*c#_Q=$@h)?Gg+)ujFq_{w47SPshT3@N2}(tBvF2ea zzj3&T0pzu^7ZS%Hz8m$#Su16p;ByP&;B-HBjpd9b0S*=g8C>w5o86LDmHKZET@}`d z7DsCFWk|8!Um)K0g;6^qBJZ9i@`9vXmsd0?YI%)r4#H?4J;EMZB|rUDKi>A{y>{@D z40etSDj8@(Io$A{D49TvSKNXjdh6Zk^4NH1`(pUlzPQ3v->$|WksF6s|T zxb1UgYuQ?ExVQyE49+RgVLvv%VLGy3!dfl2XWS;Q4zMaai3yq$skGxO|B@3xlYV+Q zd5OSdvm=T@z8RtT!({3^m(;nO@p5`^22yu9@!hJS52Y|sSm~)60&U@jX2KH-L^ZQv zjBq$I2Yc`^e+U?4@}ln-!|_yKgDnHt(f`RU_GyhEQ3oazF0okt`W)?oL}a0d(VZh| zm{)OdeZW*}xF?ev>5v1IZAwiFWL+0HG~8@9tAZOF8}XeC0;Q0r{SsH6qlRE5%}z(Z zyxtQKNCWj_-l%5121}s|ZCZ^c8IkhsuuTU=QO)_0@J!S6v;}>g*%(!Z>Im7I(N z@G_!KAxGA)Gw6ry9L~o$qbXdvJ1t8tz-3CRtE*dbfa6x4$*`C*@COuxy5ObJYDCp; zb&aV%f7KYDKWde&LUFHjLV>h2Z|CFR1R!FWgaa?ntv)1Ro<`kJ&7+`?a!9o2y7R{t=h}_pisBLwNvd34B63dK(Y*(LTj2@y@tfM@GZqjrMv% zq22_i8wL->F4PXO+y?bMa4V7%4FS1|I|DHps2aP}=%U#4IyvmCvMS*IpG0rJY4QEA z?+<>olcLM$u=QJZfWeB5nCAv~!O+g$$DC7Ob)vOcs`*lQ%#93^CqK7Yn=P3KjUn6# zW`dfOUczyie!cp=0f?<4Spk~&c=c5ccB5Z%pA#4xs!an8aBr*R5iIGpVu&szjcp<& zrr^YVlX}(eAhao^*o99A%Ir&~E%jIVJeW2^fnJWrQVfD|Wn`d!Trtt*40wa`R-der`Ci3qMSGW#ka@nZ#jO#-o`Dl`@B8?zXtK38ej=aC6orXM z+?&jw{Gy9Y1YGNS1Ltg_zZz*ppegv>r2xn--yX+kBwF8wGQX)QLWZCiQkY==UG1Vg(*y?)BV#0)m@W>Tiq36Xu|jL zz`nk_iOy*1NpZhnEveX%id@pMeaQ9#s(LRd>FGm$FvC=y9ch@QmC!ifeA=81NUVDe zM}OwccIXK*s5y~aia5ESXV9h!7&)Vjd1MKGF1B9eO06tB%ndC@%bN!4oxb6gMs-vqJc7Ykh7-t+oV>8pa8eaD!4<8ME8&> z0?llRN>M4O-7mfJ<6t@-GX6vqe=&cyBN3Bxt3!g(xF+{aUNJg0wkW{C7R4_vEYrH_ zHdQmbx2h{1&h4nro<1b$$oGWJ^4oOW6ex6pN9lO!$ldj#NMg|hRh6S`ip7ZzXx{GW zS`avLM5?9zu0YA_BcBg%#y6Vo5?-4aQLk}I?7onh$G3b0DmLbfGn8mg4gNf{uKwBf zKVTvLspQI>XU`JftCA!sf=8R~nkpqb`v7r-lRnL=sN7-4%c)p^*70l&jFZ{Ch^oBR z$Q{hBR-8#a%iI%A0+H7-TyBJnZ(i~jYeXn0=)=!WJv#h+YcJ=y?qeJnmmv?hlhx8( zsf=#1?gbq4ct9UhI{n#ihi6x7{t(omCQr)seIDux$;e=}!c5=4gi#d|@x$)~Q?;gQ zrA9e{Toi{*v6;zFdGc^N0RXGGYa#Ms`!^pAfjCn%IzXeciXrAQQcS#Alh505#tad= zQ>!8>1_m~@%LD+BqR<)?xoT}Zm9~U-gLe`C-WDt(0E3V?9|QND%kX|GL); z4lLwlESL=`jA8qyuGct#cw^nBQz!rhlLos@q`>X|6XM)wRBlnthHnCZpJ~F%MRz=_ zWPlJ<;d<-$WqSNwbnI7{4w)v09sA`UC0*~xU5FW~3LD2E$yvX3z$`$N2jkE5HzMK9 zIQ?=+Is1An{Gw&&O*dbzzT$V>)OWADc{ItM#mZCjMMTGYZmvRe81VXugInT7<3?}3 zdQ0&u$(z3fxv7?D3=)%VZrMy6Fq!V-H%xCCjirZ_DIbp`g7yTS{e54x1L}sT>a)A* z_@jw@x?i7X4OdR9glvhGOAH(?f_Z)MU@^V4n^GJ-e(4YxKWrV~5Ib1R{wm%LJ<_Ui zhR~MwM9z&`{yoL*T%OMHOD97EUiBIUfo4SAFqKW#x>)IFYg0%blphQhSk<|kUXl)- z)_;oyetG}o5U~`Ysy2M4R(rd{C2XfvEYBHL_VWty=IP|`pI=3A-$Rwu=6wtLrh->^ zTb|7m_TvK`$R4XgOke6YZ+QJ{zGl1lQ6HOeK1h1$T3%Bki5FtlYx-8@W|GC>VBiuL z`Gqr!*>XwA`1eb=^Tkbf)SIG&S3acCyq*dc!PtwdJ93gKVCO6-%=GksY=6$NxZMqQ zaXr?yZt>kj@tax0W9gHV*f_b7EtFM+ccWa}U=(jL5i|wLtE%@k?T6TTP^G@k)s`Hz zJRXj@h06_!Dwvg#X4CDtboT6Bv2fs$DPR>S3PX-R;OS)6i;?CJKjS8^-_#jPtsgkN7BrwQ($!J?}^$g2+DO*534327LcT(*Cq-DJ%g%JD?->Pn~yw z)%909L!m6+TNgnXm9|K7IQByhN4=$FX1d6W85sCY+>ZV59V&v-CefL5@bT?qhSd+om6mM zZ?B??hyMv=?$&$gA?NIsHLNKo$~7~VF7vwzR<@fUDq4){p9Fe91`Y?itU4TR%8yGD zdEC~IN@pEy-B;ztOA4fqXIge^C+SOXuv(uq-&jOhkg?oOJjL}Xnk`lj2^O2ji7Mk) z)0=pT-}{>NvPX)8UzBxzWctIFrU35vnt6O0P^t@ z5xJwXCV5Dg%W|3D7ouyg)DU}GVUE`i!HBQ}{(l(4o-dbjCghaSstl#+?(M#?i)AG5g%&sCPBvEQ59`7D@hL$qtiQQGo zbVN-G?QO4Af_-STny6=A+}(x3^HA$q13R6T0e%os)qEhpSQ*NhEYt((4?{?@T-F(( zX;ptLfCoGYo$&AkBen!}BI`!dSV3)n0D-St{%)?A$0ezR;Lh1~)nz29#JuQsB(QWza zhB)9@farffLEWO$^)6bUroP>B9vM<+NHO#QUBEtG`}F$b4L4Lu?Oi_9Z_Rt#X(N^6 zjnP+m!@dvGf5I|iL=4We{rVn!=b^a($}bs+J<$Mk;bLTiOGmxS{)EmC@2n>k1m*9^ z(J7WR%mBI$KW#6%yRzf?k;@N~2>{o8*{Qf(7K0gj4#dU(poBMxe2-e!qYcPLD3|j0iduvyC=T0NUU!DxA_bvV;h zVy_FM)rN-ZFk8Iz899d?8twKSq=Y-cw0OVuWx?7^F# zO+Y2q(8sbG#!!#X@nmv28AVI1`TfX46Sj^$G5y56Ch0265)3qSqs1wsuI8PuoS$%5 z;((A#0Op>Vg*u za9}^8;znC7yKqLs5+^f|m%97|!y|2HUW6E7<}ksq2j9{g)8JRr^N!xn?MM3fHL3gZ z^W#24^H_g;bhYs}dgJU0rz18p5|coIsGc;H*a3QqjtQPVN z4u2uP@36*}bRZHlj5=nE;TeD!<8odScj+;Hj|NHT2-*74Q=`GE+uI689`&i^4=D2= z;x8bK-k*^~53)5hQ>v|Lh1S!^Unl5rnv4&}=lYHne0F<=!{Uzyh4n0R1#7cX<;VOaFOr-OV z9x&^AYdV*&VS}y7ruklb1Y*?&ACd5orgDu!^h&6yZ8qk^Xop8EcXUVERUV|Q=Wov%s6=VG)}Im_9L1t)d7}5HbR=^*+{TR(NG%voMu#~XBBaM3^qDXYERNw zK_XCvLRj^3mlsuS*|uLcE4$TXlq077p)O09#R#HB$NV2Y?gBl&c&t(i$UFV~Q2p;g z33M*J;9sSgN$OEQ$0;aYlHU?_kK?G_tBG&NP(qN_go*DpH}V}ZF6N4t-;mQ#I;<@B zPJv*i(0(9unHF6&3aLi3SAB$~#S!0GXXo&N*HB9A$z?iUz4!- zoBc1~F`x&!iE5%yf_N8e-Un2Q<${hct+`wo&&D5$CBaA>Ukt+S)ED8G*QDsR9;k-U zwWcX+B#dbEDr}Uk6JVh9gTACic~eflqT4?i9dKi1xsmZG%p?E?>@OA*C#!d}EyHQ+JWa_qb0G^Rf{;XO%m;VVtGA!9 zLdIwR6(=64Vrd+y>hDT^3RwDv+cwSESRTNS>$N?A25*=orSVb9J>B_Pu%cn^ zYjajS=SR8(n%}7wlXEESvV$yd07~s1%*82#&o`&08C~k$R>q06&Q5DPiG`0}`ng?C zAa;-<4x-3-_SE?jP%PL|t#*LCU!&#Q6Qz#K2z-A_4w|q|(hw{*6)&xJ`;#u_c`ydxfDD?CfK889Y8ZNc)$}FKOf;pF4!t^}+ zmwZ`h^X*ru_-<+ZOg<_y*H?2kR{*~wkG}{PN~h3^?hZ2EmGb>7kEia5?AYTShni?Uj^= z3SQOnnx`PUv?^Ee|A*gU%KvZt&PcVhsl=4da;-e#Cr(hs>mYi6S{T7p1flnRCOYpA zQc{B5c#t?%92W)TgENJkz5h7_4e#g;ecGxk>z+rN2qK!ag!HRku|BQgDU3wVPbv7> z3eA2w&$MAhnv=A96`uH#Q=t~duNi_+2p`HvN32@4Y1F>*^Oph*(U}Y_=24WqxP<(` zmfOrkOk*f_APh{&i87l)8fUMX3bqLd&e3d6w_l_TLKsVT>gX@~E;-1uhS|Ps0b6mI zdGd_t*W=fzu)CH}@_AXcLM7p`{W7+SH!(qhUGXev8#dr8c?p~s?UlaM!1M~gWgy7_ zaW|I6fR=3g52_L()tdCDA#U{&sCqJ8Zw1Wzs zV_N-l_J7;DJI@ka-<_3oG+PwKn7KC=OwX*g5}7KSV@v3bYM1M|gwtKn%_=6vSko|Y zewCR|{~X|$!kenyebBlcIhy6k*hDSDf#E4v-E5C*tmG)MJ)$3mvK{ZGSqKYz7Lm@i zx0trK&(zeAjQ$=JhnhK3qCAX6UCDFUC8&2mH2gVDI)!`k7fk-A&0GGEaQ4r^Bv&(W zvN(zAi3A`M@;=6vC;Qn5*}iS| zxHgM`p(U2Yd8CXFS{%)2^U!)6v)M6rdyAoNyMV#Xp3`q&^i%fw|mhOg9S zVaz!~Hw}0r_a?|deJ?NL62jI{Fi;AFk-CAbjm~OcNmwIk5J-MRg3^h-V+z5;Mz{QY+w^E_Ws_XH5JBU7-@uA zlGhGL#oDW$4+|Y;0ymvPZ|`;ufzB(q0{O;Mvz=4CY9F03A24=3vn>pr znr?KlmS9sNjLz|@IPr`!ZAD%>NN8HGT2~t&pCsZo6=p!DE7kS=e;JuXWJ-B2_*i%{iS0K;yN8RdGKK|f9WNQxXPre}nj?ODOB1~8) z0DfXTWxDnn5L)Zki#+!++Q(Fe;rA9kFz63VlH3!}vEP>yUD)tfs}!qczG~OaZB>;~ z>$Etp+(!t!oqn>!(tIGpe$+ZHtUF@6xXCNjU@0zg^5tsAESdYXXi4Rl-_j(J@{a{1 z+772fc>P&q#|GxO1&&9!>QlSn3JZ;iU z!;Up;!i)Eyi@3GBqe5WHq3J?LHEYNmK|oJRzaO@tfq`QpCl;lg?-CHV=y}eGaSlhw zjyG?U&BuP9`ENtfzdZ}E;8Y>}K;U7KPzb+!qX6wq-&Nk-U7pdMc>#cec+gbunLH~m zU8<`#+aKCiJA`pn&HsvHyN+2V_nb1W?XP9v+!l&D)s9e%<|#LjAm(FbO+0roG*?Od zO@IW85Ug@3u(2xvjDFX`RBxqTmFVUy6kq34@G3Q`pB4JqRW{0LO!!s}E0hx|5nluh0Lcij*-Ed*&_2 zU^23^TN|k##oYX8`=Ws4^iViZ53wu*p=su9aYhY(0bf1Wo>cN z=SMZpBT)1aat&e0s8;AWa6oR__?`RRV_)S4p#4x>EfGTof&z1LwUc4O-#WPL=3vub@EirT$#3_F}B{v{*?2{8#|%aRG|8& z3d??exKwbC%!fEWz2>k#eTKqBK(M~#7g2`;xmpMgJZpWK4=Nc#z_zmUy(I|F1|;Yq zixTdZoaK72!Y1ncPl?C`!+%I`wU5z+d>`(khU8i6=H4Et6!Ku54nc#}ek~((&qTJ- zJg)bhOE5h#tg3W)8i^m++?d6$P+#?rCQAxGdgwvJ+QSfWBW{E>-d&B$d)M<%f!h~5 z%$r6Ksi=_>Z2c%OdAK+a7?(o(FWU(!q{0WkAbAc2_U-FgPTVU#T;ARO>#zN3fZPpwMsfHJ3p1GH5Pq33w$BO&()^M z-PwO^b-uoYUuCH^WlddzzY&yg`8+=Y`6J##vpB(;KcSi-P5q!y#c)+~R)|UJBPr+t zM_x+zl6Xke_Pi_F4d@uBtd?t4@`xB&tyT@T*USw%LJ*5~4CoISvZKGdzSknW$-Z-K zT{P5D7a?iKgmh1+0NmN;s=7?3W2}JZ!>WVt_N1mIx!Cd}Sol!7Z4lETKXx81Ewu_P z6Psk!b(@xh7g_?1a$Z3ct4d)d&eL|yxKqq>u1YqSs{M~5Z!|oQ93UxjOnN2LX0>{j z^6c`M3EI!n$Q~R>*-HXO(`F9(&LkRm3nNZ_VZ>E6-&+(;j%-4g1HIxi^mkGbD0JP~&Aa%5%fh%xK1C5V#2mP`$J1&qDbMTdkgg_2a>ZxTn)0Ca+)es7fr`?luM6Ty zJ)DJ~)oxT7*#`!A` zQ!1-MyWKc|+2wUlqOjz5nsQhXs) zyGMJ{n|iv&?LZ40?v*!UF4b|fcFtrVubZdRl#I}G9}L{Z7E~zIwM(+Y zMr2U(2L)OtDe4*IZX>&5IdCKZ7H1zsv-#p4)D8>Pw^asV;7W*$)yy&^7-FS*OcdHFLf^!1UX zc8jA*BF;Xn%I7%paHh=-;^;?RANo6YL>Hu?bIFu44Q5qkV11X2Tg%!k=RA>^A<3Qs zFhWkfsb*z_4}8w?%eNG=OWf}7y1}H3%!jFDzr3XJM49=Q{_!-qZ@2Uf|8%8!Yg*+g zLh&IcCMB;NBguy}w45}`<7Fd4>k!r*2Ec$3VY=z=@5lwOQhG>xhG#lFT65D-Q1@hu zfZzKN!@Bhvp{g1502?dVQjcKLOIM0ROkCxNh^_Xn&di$BTOPW>Np0BvnX!UvvPy>^ zhj(?v`^+2>RCkkitW(ah3)42wMY^h_*qiy`eresPuuL3J4bNX{boZ!asqpKA-z)G{}h1xmJ*Ai5csS4ZR z*SRU$p;W8NZppx5Fx7)vJMz7_Slx;j`q==x0OK8q-lWWtQhUSzFaKNEjn=OZb6PZUWV z&@piqdBSyFgb&=)|LLL>vxCHZP#7<_v!}g$5A4k2K@=HjQ2Rv;A%h znzG0R10B3S_Y-Qua}Z)QDJ@31FDqUU^Ch$V{E57Tz4Y1w+DH5^H4E7JMdy8_!I0cb z+;^6u6d3~K_*gx0>#VKA?tD8S1a?1B+%G%gy;-T{+ml5Krzy7mMi#yYvYsiaIW^SN z`5zu%^WY9`Bq?`l4Ulabzk-#Ij~e>D;~4TGeYzNqG2?UFWEcLlZnI+kytxU4i;Qc% z)K67{yKU^WKZEa3Kpv%xWpEawl*7UE)1FT-Y-ZeDn}-rS0R^kwNpMQ-wQ5>j{MEa2 zj42?B&>#F2N<|35RE-P_y);gRI47eI)Pw?b5tx$tBC28p0i&}}6sxz8K75dMNxkzC zdP)6&$IdJmv*|A4PFDqIhf%ZHZ>`zYaLiq%AYJEK9citb9qHG6$)tE>aL&kgan`c|8qKh70Aoolg{sROBd14je-e7-P(d~=wiDX6lWi|C;y%!hK2Lp=0 zjAb_m?}|Bm2O!VbBLD-M{3`jAGa0Q$gQAD^E$AVgrI4{!)Fsi|5}XfW3|*QO>wp#?BP247%`J=ZN(yz z4_}Xso$h1EKM?d|S&UH@I&f#ogxt$QrJ}gJP9s60)?nvD-P**fbLF*>)<1XV(9fd;%S{IsV4j{0C#;^-3Jf++In`>sxRsk?lDHTg-*BUfMLc zEg7F>nsnSM9^FBKP45(;SGe7bEKmEGB$Hpp-+0#Q< zA5B3t7^u&i0gmqVH0Jb}a=skH6B{-k=FlhuK4P6XX(x(@bYyG}LY=32`y%#JS7oe(c)Mv|l}B5~;KFo`Q3Jfa=1w;r(^`wVdy zjRUsj9Y83GGWr#ZW=(P$8!(I^!yq&BJ+H^@LP9AX8%0H6g=S&>2Z$=x5$o2GD_fbj zvqIf)o+r6Ye0kHQ{;UZgnAj{{pU0P?5^`g4uQ$ouv~iRve3tMjxUDTY1mYOV^ZonS zQ&F#R_Hm@W!Gx6vmWCx46YTHFg|lrxujG&gj`5G}u2{g(_24B-_H^BQ)!6oU3PQ9| zvo+FJVmKNmZ?5eyJbHe=&fhh)^T{J`UY@v!PBp^CIXZ3qIwI{(XQlo`etrMAuVu|k zZ*utw@?$^x?*(Ep;-Cd;iE*O5fnt^;^S9q$zZ-{~qAd8gPR=QF`s|gjP}4>J1I-KH zN*a;n>_vq+C8k9d!k1zEZXM>zzodZXMx3~AkL=)ke|`n#0q)O(YIhGCM^x_t>-G!A zl8j&&)@jrTrQEQ)fVNfTmR-nfPr{n~6}pjHl(+QVeChH!>Q^y7HirJM+@e|ym@<#; z4cZx7l%3!gp2X@kM)Grl&3z|&A@u;~NC?p{v@og;s40Z(kW&fpWf|Lq1m}VU-Q5eO} zc-sHjDZ|>JTIl>H4C6y6dtn!;L-M8KU$~$m zcfCG?@UsC$F#hgnXh|uQKczz?xZ~E6aC4uX_a=R&^RG?M*f9zwV;ZGc&+6TRlD(+u z1e~oB2;IFe!9qPy@rpnpa`%#i=W4<@I(E2DJ@mL;T`Gqq4tJ-*ovO!hz-pY|Ojt7$xPx8tgW6PEA{2t7no@3r<% z!)k0pK}^U)7NT|IMDbvYuKIn2E5iT*uJi{5ycZ9l)}cQAwu!32q-a#Jhg4Gj_JwuD zL&gZfcqowe0S}LuM_P&vqNa2#z`!}5|ceT z&;MXkYd#Vk0#fk;J6B#c`QN-^IV1_aIRXZEu7M2uN%KpBkB%V$QEsG*3&)HclPDla zZ#_%(ZU*<9oSa{9PX;3CB#l8O{jYIHb0sC9&a%r1DUCadKijVVoG!vG@D42LZFp0) zuFlR4#`}Xb8=Wrm*l5VYNr$}H6&s~CG|^D(^0?M^vWfHuSUelCG|h|oeT7=nDj9s3 ztJBYZw2J)K$z@cn2OBd7)3uvx39HOaWzDt>ruE5lm8{pXP<&oMqu zEDPo8`jm!jNh-UEtdH#4vby~GHoofQE2_+LLedr&h{5^u$0`~sO->H1gd${7&OU{+ zz;RYqgl;dqfhzy!;Ir#J|cvkK+#O4+X zFLhzPlN~6A{c%44WtO^dxV$l()8!xs=bQ#wtEeIz>W4>W;wPm%S-H=gmTaBRv3Q(4{%oQP)Q@YJ#3jc!EM zz%|b&p2a>{-mJaPhW{TG<(C@9A40n0@I@pU>Z_ojAhnlcGW*+gx9s&2O^tG=kmF1S z1WV}Oc7~J?{o<v6(vQ`RZrCyTYc2nG7Yk+*_Z2wR;wOkns+nMBS!xM>wpT_b{F-R3PM&W z@)dDfwe$Xhd@t1DTpJe&w45=N-!ZDH*~HC!(YvUG6VWBO|F!_iX`->;p6$(4?upso z!R7V6^eN=>=2Fo!g@j&S4U8^lfm)waAnjS!7cUlHcKWs%s3iqa8~M@h9Tx4ET3oWG zgg+I2D#5{VS#!urrG+K>iySnD1->`aWr_!5C$%;ECHe?jSG0}((2B(d@*FTmpliF$ zz9a1r9>!vh4#0+ngv4 z{Az+aIqJ@Tf5P@@N+z!?Vj9ROsb~|4;Q)Rt)>c-uH++f2hTpUbrU2KwqkLA_49xEb zMh@iYii(Qr_X?QzYxAJOzf)uV`FsB#U2heX*S4*T28R&b-4Y;ZaMwTx?mzDC?(PJ4 zcXxMpcXxLU5Zvy_+UMRnd(L$qc%X`^!RVt~YoDP|4vA$SRT`EA2G8%JttsT&&Fp@? z-?O0_L4$JamyO5#zdIPf3wI@pbkS|wJ^e9p*vr`|KmTU$VsLG-IzYrHRoVH3i-5zJR)M)z zpXC3nl@dI#)%)a=i_U`E#8gy~hv0vWHvhOtmelE;2kn^@0*={wi^JD%lu_F4u@ePT z#5QMe!P(FVcu|RoZ0Vfwl3$0vLXKwLX#56;TZ9u1fKnK$KxK5nAo$$o*?Z$*%INuz zJ$0*1cuVMofyEJNl3z0~(7~>-xTq-V+E%*6{Y6s?XD7|mLK;O)P`! zQ~OGnwJFWr?mIL;AFjc0Qz%7HW40~t+GIoz!{A}Bo>>#2s-PewvKx`0C_M77-QnN+ z`+xqV2m`ihE<|PI^M5IY|H~f3kKE)9$Pf>~d7Bwo{_%eQe@`HQh256tny4L<`@iPj zzYFjG?`d?}e?8BLN4b}+nZ2AB923`DJ z>+9(+FE2&F_W>en!`(lFgTD*|!(LNULrG6RSyIM&?(FIs6B&uLe|RWwXlQ7W(lVy_ z_w{^KBl!XO+e7PAfK(%2MLV?3wl~{)VA`~EoRlxQ!d2bGd)^H0q zW&6EyTE0U6ri;?t)HJo?aC$sk_->{MN_8}Bf8cg7-jqV&U0k=$os~yIfFtqp^5S$p zikh{clB@P;{duxbPVI63iX<^&pp;kK+X7M1<_oNvW8lQpL#-Op;rU8zD$~hJ?W1x0 zaJ8%8?4#{Kcd)m;Ex?9IAozTLSqP|DM)H9JiXAeA#XwRYVuS07}3|=+zcycp|E?a9mZ|ZvSh&4+1rBa?Ca0qi7M6E3C|~=1Q-vff-)g`6Yxs z$9EMHo*Ry<$}J{G2qEZ9n^?-XUfjGHpqKWT4%Ie)sdUbL`_97}UCE?bi2F@(C5CBO z9G9DNdq&!GbwOKDBmq9UP`jI>{GfWL4O4zz26yQopBCamk&Xws`U=Ro=@F_`&k#U6oT8;==(SBh1q&p3MGTn{`RgH=z6o8oq-!yJE+rrZRxKe7rILBo#o8MT~ z)&nC~so5@euV)!-V`ef}6fKo8dmbA(x%UVao0^K}@iOc#oL9D4C3~&~Bn8ejP6`_t zxL3J8rA=NYO|wzodp3O3PP-fkTV7HVkylnWt`9ev8$$V$*;)uv^E!wqVWdz7_gOmw zGA5cw#qwVtH>Tv$myUVOu32+b(0c0qrDw^*&8}r8kC)cgd4|^4%X^5d=qv3wEjgNi z$ufrz$WaRq(%^Can+I<_rq6H9-XfdLX@$5%f#kuQ^d6lpZ|ZPYnHVj$Bh{zlL#;4w zQ3XD5r%eY6HIGjWoKio3<{_lAPB&Pre)UsIaynaz=5#vYPj`mzzo^0sl6xNdnd12F z_ailg+}6(ScyZISu%gU5^ZvpO!@{!h?Ya~6`_>l0rONge@RqDmJ2W?RyqJroyI52r zuwA_)sMFackN31$7@ccXk`^@2A0$kd`W_U{y?b$(;c@U4Cf4z-aK9w*QPB(_-fGMd< zEpuN_nBQQz19_z^3Qgzhjh$j1iXwVyX(hSRZXR7?^lL(htVKjpT)8>LKx0_* zRy92_Dyc}_bj5e7&W7ycr?S$T#>=o8+Jhy#$NcNhf2}S|DgN$(6E}3Ve@OuU*qO6_ zkRUI3@&^n+y+QW}+bR z*9?~vIL-VEspx2nVj?x|*H**w>4uzN%axrf)8qyVFwr)buSoGKhvt|YJhxK2*7R-6 zqdyN14`&n4SS{9;)P_Tqej^>4xnC`chg~y8e|UuK_HYQKw3c)v&sChjl!Ad&yW4F^g~`l@$FuRyUWr<};-a@^ z<||_?tk0i?RXc>3>Xs+g``IELi2Bf*(3?+;*e=yUkx8YZDJVk|y!pHh+Fjw~uteI< zf0k@kb(jBhx9#HRhb4meDEhDC|F2v<3FSAUnSf_FXN;Ay9o5)qL0X^k2%iCg9Vz|u zX9FU7g2Mj!*+g(sR~i0TDTSn1(PNPYdDk_>oSqr#mecx9-?md0`Jg*Q3jrTmadjmF z3jDmbFrk|&g(p^!_xG%(_wB+=lfB`!y2dUL(@VHXm^Km(y=iHvMC6pMgGUz7T>*jk-X7I#+8EiOTH92o_h|9>(QJXjQ zItV)sG^+>n-p%OCdKI6P^zZo|V8>lf9pYcNUhm^c-AOsVIeR!J)*DS~VxU1|_^j41 zYL@SSTWs+r(7ub;i;NKS7RV9ScXg~6lu+)2Cg%@P#%|% zPys7=PKxk3K6$Q+01JIigVQO;Q$nmugJ8hBdYS9ew5tDo%1bSxe>$o%J}nKOrNCmf zL6&)Pk><9y*JX`X0aN!rFE1}8^f;8hQ}^Dak@8Fg(JAA1_bsQ(4y1#Ydy6&+U>DI< zqUFXFOyvJ4nB#ca(9_@GsZ#AWCGzYTJ?B>`xkk-Cn2K%Wc8GYB*|)%hT-W+iBOd5ac;Gt)jB?od@(e0x2~Pu`cFMEl|s0b{2%x19s!{ z5X(E^wAqZc0GB%8q{Yvzslk1{x2FHDIjhoU49jCX<%cFP-bKOjFIBLrYdI%SgZ)MpML%Nl^;t{zPo>96cHLqts_CteP7lBGl_mR3+T;QdLGc=_Il{R z@ce^hA^C{Xzqnh|y}r5+Z*FG(Uh930i;tHyIX)ht8e{e#J3c?}w|JT3fp42W_`Lc2 zFi}Op9_heAhks$CzUoZa6H-po?SiO_3Vk>-J|2HHA#WisU7(_pbj-_dKd-lgf6K$Y z7O#jn!E)la#)GCi0ET_!Lb9Q10J%`djuj=prX?k1S!`+D0sg4sd!snC`DkK-6W85W z-LAKj0do-`EIi-~W*03~CR0w;GQylL(?uq`!hp;(Vj)V)=Ec2711O3U!P zJY=icw?uVLiFd-z|K1+`{jaTR3mmw7brRO&U4cU}pQ~P&+cL$P^p-Bh&*=q#LQjok zdI{O$_b>`WuI-Eu50PY_vcnVbD^`u3a2IxNcC%N zc2{5xCZp%fx&4@-Fl$_mG~Z(rRnTd%fL~C895SMw8KSZyzvd2y$u-1tZ_xVCV24I| z+#s+1RQ)1lz{=vLyZB}Md-j*v13uVNtjzaJQf~X{c?jACMK3zFia0aQ&9>Xy+w2Mr z&Qh8v%9{~X;HMC=|+NmGX(m^=9R5T&H$=I8kg znE9$jnz5*Te(kLoE8u&{67Ve&}JT2^-) z4PU+4S@f=gp-IT^Lv3;-Uw$y`*(R?G>N>YAdyH5X^5P*B&Q!EIPf=gVm|W=|ANqyU zZyxrC76IsKzh{&ElKB_&rE)5ep;XgC$Gc&5P05T1#Boq0<{EvirssT9!XIU#ws%dz zH0m)RGlOf$xB~=ZgQLGyzgSxSR#<7XcB=89IeTl*adG+gLanWGKhbt?-%t%@bJuB< zSrBYE9>y*5tE`Ns#pZ$XX{$H#=*_M0tDFoP-xY-vWhhZp!#s)1i<^r}NkzmU#W%V< zSRx`KE6~w1o|vb|U{C#OL3{vmeK~|#Qm2v%+6nQ9oBgHW(n>7tsv~kR1uZca;C1se zno3hg_Rd!UTFvn^xAzEV3)kZV%3wLfe@N3iaC&~N{ zn6r5Ya-@g5qlJK%5L%sai|ZSBu0Jk++y-N?luceLk0PX@+Ke}qndpV`={bjN3dw$e?H}_AP}$zna<=`hlVBNQc+)5w01OLnGHAAch1Q4V>}r{2u|w|fnmUKnG#x33oUGLX@f784VT03R*B zWLnU&e>F&$@5Y|g)_~o0Vx_EOd>T#MKkj_VO}Qg{=~dZFf*NOxhGXJl#NMCNiiHCj$yj%O8!Wx77%%I9l+f4;{lt#A?l#;dbl%d zi5^y_JomYs?0hQ-4m;Fx9!?T5I0W*b^`?Byy0{y@n{()4uDMk)f;0FrUx*+>87C&i z=~t*4KKVQs0An&FpgtQ+1le65+@#!a2=!>y@m3;m_W{1omy?jl%7JDLYkJxZU5c`+ zol)l+-E}KlXtAhe0ayeO1Y3WnPK*3%$QTvC$0I@0*kNFmL! zn=Czb4MpN$=CFQzM`DcRAoX7%IRSR!M>7=@qpEwp*S&~x0*G{O<(6@& zQZuiRn`BzUMuBocG=)4I52Y;O&pmRPQp^MAAPa8)N*e(%Gc#Hjsb`(!lh^T~E zfjzl0!;hZ?Z@u-Z1Uc4CNwlc-tMUT~H#6+oyj_?#)*$O}pCmv_8eFT7XV$mD(~1ZD z11K~l-$a6W$!XH?hreLm%j!q+TCpn;hY)X^&D1DGT0&Q!79kD)y%O#``$M3I0QJgm zncl(tBJYon@V=e7!v9(?S%Jh+nVF*>*;aQSE$J~|W9rZIIU|E7mw#rbDyPY(( z$gkpM<~h8>n8lH<{JDcI>9q`?^SsuYUz}!vKmPsEETC#$z}aYuWwD5cGFFG-gU>wl zPh`s3ZO37WsG^VYFN*~ZW-Tu>;tFPzR)3Y?E6t_;%t_oP;OmU0d2)Rd&U+-dyry*} z@N)VGVIpxml}LayzB}ipDP;SSWUNZoXU(_8k9G;!Z2>(>)a=>Z?IE-h#Kc4w9$Nyv zuCUa9wgnL^?UB)-E~XI)Ybb4G-#tN}&7i)h*R-=3(bdFze*zbU>~H2V8D}>x{#o@1 zpgYHgXQ-pL8aO!paD5Lx-q;E}oHC^OBm{pfj9t~bx|2KWmrICav#`fa$IMOZ9?o^yYE zQd%6NxWSsrne42ivU7x){D#aU&2v+R;sv~Rl6ob*RdE3XTmznp9(v)*2~%`w4D!YOwJ)W-MQP4ebmh;vhGYbeQri6Y)x zMD>b9P?<+X=!Fg%zHl4&f#_vh@0WP2s)BtSkRcc7Qya`1Yw8445HsCq9oVOv^#uuNOeku&4%| znm|?q8PJ>^y%zy{$8<2DJc&|%n7gAEJos-m0B}BCAdfJfD0)L5MQPPDQ2ag)@`O0t@gANo2o6EOL2bV)-$;I^;fHFaEZwc9-`!_*yIa(ot1DM4C zEw4w8_M5v@Do}W?=fFDag0&CpWjhj(gL$j7e?9d_Bpw6tPNYh_Cj@qp?39eSkrxh$4{KOCBcN%fGSHCm77|(4;%x6lA#d5{m|s5-Xg><{Z85ZNGdi)|r@I8&mU>kS!;P?6Zj_aD z%Rxd$B%t(K$%#_-Y43mVK?MyCb-&F+RQCKBt|T9gI~XTZAVjZiulz$+ zYOm+TM;u(8+8Q<7Yq;tG7XY}$}%nRGeS*l$75Pa{VkJ7*X(FnlSg8SY#r#-j90(3T9{^F` zsS78}E8PSalwc=(BlfD-H#Ee#m^^ECxY4DiIRA0p)s4N&yKsJP!Sc)d61;Ent28rM zglogaqy6gc6@~qbvuC!~UwLU%gDC^mifCRzL9zN=__t=?TKW1Bl@%U>0hcr9;fHYo zvI>kHGy!`LyJn8{d~piDtmWRm(B!7sTmB4_nsb>kopg(O9-E$;58%nJ-F}Kt8@~)l zr#4>0w9r&k5>5w$BEOIVHY*FTNt>ckjNxg6uS^E3MCHu)2bbKpRT zuH3{QwQY2ynMtyg^mC;kVikuDXfdg2-7Kn6xt65D0`w!=v!U$DV1H!|=I)9ddH%ut z*g;DUE_|5S*sm<`)A`EuZXg^tz9d4K&GpM$wC-rIT>Qw8caH)!jzwv*UaPZf0wuAR zHuWdv%C49k7a>TG+kPW+l)4~|Ct6~+rl6$Yy1l*6tG&wSy#XXbS`eTBBW)P{kwx*2 zY&>YK%AEn@oDUVf2OYQ2v`;(K)Jg%jzJBwR{6g$4thcWrH@;>|%cn;_t4Wn(@tvw~ zamyAq48%#JGAG1@5BJPFTQZVi=Ugz>NqLjVM2!{=RsYn7dqiV1(zRTl zE>3i}q{>4yN7`|IN)~hEijzjORn`7xA4L?JbY_9dNcs8l0i3)D^0xEatUy;L+jsBuWpiqw*o{}DK+;5x)+<9lQrypX+d=niUz5X9^tX2wkigd zfqQ>x06&1fZ@9ntzp&1%1+uK+j77sqaw0^>mocw*rPFVsYxQBONS+eot)qGO$6G{J zvSM>udly=fJ*`L#JJ0%k=Q*>&0nog>qXJM;fm)1K0eIP z@$YsD@zClv!trpK3+B^VUy|cv4dBpyh~3>o{q%F`)V;b_z)G*&?#=}I{E=uR?aRXB zOF>`viD?{gt7FRC8Z8G%>PoXAV8nvSYvoWs!_d%;pfWLJ?e=MN8;Gj9rf3)ts0)&? zqULd^QIjmSGJ(%XP#>e@4ravV@6{@8ron{i-~?dfMe=Z_cj(8E9>{z`*h(S?m=)Rz zuiHVHVRf}|7VA6a9&>&(t~=*WQ)K|l_7LXdgJX0w^J)K~;#vm4D)#rJb%Y6eI*7j* z#{bh!;{&b)ztg6mG={WZ*iMUnX#FJ+D7^=bCcYi81Zq&cjaCORlN6UbT6c`Lvf9un zZ*z!0bYT##AxdF;;b{zBRan2?pG~K`c5o@(UiBwxaS-GdliJk;iK@65p!6ElGbQHd zC3p}dou2%u?0owH$O7bBt=jHBj%zgqUp<8D4f{_Aqx6OuA;LlRGWLs)yb+KNP9m2qAuKL_Vdf2Tc0ZVpw}O=$&U+{S zl>MN|zJ{E%p(S?wO>^GI;E4<|6bTn5h0j*#p^s;vQRnmyMxA!0uH0_OL;v%L-yvR& zhs_ko(|YQ%Q2&$RAvGx<**%T9z#644UqGwW~%oTF|q7O48@fSG$-W^ZI)}*Y?T}}Fko5S7dpNTX!3>#ah!IW;8#T=ImzS(9axTkbn;yw30KV##kqVaX+_Jw2%4QfTB6Pi)j%qhuHO zx3cl>%Hi6Y#2(C#LCz|Z+|Ox>jl?;ivX?=s$&HEX-NADMt}#Ei7AN)zblydTmcYy8 zX>?rN5}E+Qrc2GINe%gUE|w_MV71*ab}kB|C&Bc!wG!&Gn`;_6+(2}T;&%K%0DH%=4{uO@7BxBu*ky(m7<2-U+1s4Z=)nnGS_&`YdAp1GxN zrPUUc_VS9G4V-Zt z18tat;Zd>dJ`FFKu}r&Qi4fBu)C z(tiDId{g1EIZDLC5>awg;}VWA*_C0q!7TXXS%~H+mcA?cBRzQsNWF(X7axe8ks^qx z4&CElLi!`^aXNw>4hxjmzjW9aOI_cBd>PQ^E8Ct@WI>vwK1$JSCTmUV!rIzVUjkz- zysGl1ZK2ej+TI4#q?#oe2h~F&A{I0hRxzu85PDskxbD^~DQ3!W`=0sOaxpOc+Q@j0 zSWhCKXZ2>}3^Blxmgc_w)Qv$zBOkcVuCR?1nuiyJC~IRG6C<|P-D=paIj~AD*vXq~--}5P0Uhw07wb|bhd;aO5<^2#$-vB-~ zLREd@(=X-%2|f@V?;+M4G>b_WF;H;Bgp+7pvu0Q2&WLu>BITmC77F*0)(u0qv%;VQ zeGPpT)Z%#j^SzAD0tHIY8R!|K*SjGNI)-Lp;vd2umWUT3LQ;2fcX*YMJ|Kc8M5xyv zcQ|kyY#k*LXY-qDIEwPw8o?J%m`_78&YyWAy(VjDkzX?*^!>;9KaC6E@o+dTjYj|b zyoDx~!KoRXU5_o`vn7(uuoXc_61YXm9>$PIUzU%{{I0fvCtVn$JHqo5^g@^`W&KP| zE%`8KbMx(qfr4BT-|Ecw%%*M!{}F)EO!xUfrM>ysG!RtOGF?7GzPiiN{Kw_xOj4hf z2f2ZSs(fafw*L7Ueo(~%5|YxoH|z}f4vY;K^8JU3%`9a<{%Yv`EKJJBYzYyGw4WJj z!h1*4dULt0{RV6OuTL|kj{OGG;HL}qiQ^1ZjPaqI_*fTpmitSD@O*0ejTIA+q6^jE z-Rj{3wyZkevqMWP;J)tAin13dtQZj zwOh5`9wt#n*@@n5Jv3!9R~t5b?(%@?fw4rOM$LrrFlA6PJZ`ILkZsL1S$Rb&aWgt0 zkUyFcf1n`HeT* zpr9t5l%IV}#?x3@RnHwEt$cMnGD1wD;?l@0#2@g7WgU%vC9yU|Xy580^De9WKts;{ z%DTYvBl{~DDrwhdB;VUexS5wzxg=@=TWiEJy0KoC5%eM$|2!Lkbhb1SVEVxLr8AqD zhbz4)Ld`v;!;~Hr!z^+EWw9+`tM%x(1n9hn^V8?cDom>LF+OFabY2UaQ;fA5t77sB ze6&0f8+Sa)c!Fr2mTjm0kK&Y5Tec-sHCCO%CLayBXkgBUzay<#{ZINNE}Sy9H;s?F z$NUGq`RAR=#3Jt3%gy?P_^se|G(y4xfQzw|9U6WP$Osj1#cqdV$*~{zza-GoS2x+t zSw2+Z#ple)YSFi`k6ORlttL&6lqcl2jHj^Vb6B-oqW8`eFj60dBjSHXHWP|Ptn7Sj z@Ka?W!@Gd0N5#eb5Y=Axdp>8F0hlZZh#%!t3{j^VBF;VUEj8c{>p6!*WXVLZ7q56D z6m#|)^DzaH?$>9fc`ItuR|*Q%X!y4bKUTX?Q4v#XIv>9uJ&~{#Kd@NiC`MyTL>xdG z@C?!ZOq@uk;w-CG?eyXcy(KQYN+WUm#@=@(_^BX>Fj;_Yle0l}h)|1&NVqNQ9k^ZT z?#ld@V0Y!#jE7-Vfn~&riH!wPPMM9cOeWMjIe%bRbSBV}D)1S+LL^sCS^!Bm;mUdj z^)>~ct~~0rY4%0iiaR_L;uj0bY|lr~1}&%8JZX58Nsg05aNld5AbB8XLDxFH0cxI_tOf*|;$Nq!i-=b_3%WBZ zi3%ss4vKB;JMBmaR9O>I8(syW&OSz{uMbhwaRfLtM+mNH{=hp7V|)_w>sgZkAZOyt z-wWt-7q(&sjn-nyCM@`&H;b5D-2D?wUsiy?C97a=R<>a-@*S#z-zaC8e} z*XNC!vs;cy{Ur)*_V%7W>f|v2$)tT z-X93i9e z5&;1Sju`Uw<%NAho-By0ho#_ZE-$lpq#r7{*3X$M%B+I$r<261w9T(w1oiRt2_fCN zi*@&jx186qJ*Wa?<*}}s(n;a=dEU7F8!Q?HlNZ1yk4W(o&Keo5T0<68rf1$-FkmeH zT?N8F(0{7meA(X&LWpXu$bW`W3KZ*I7yJ6uAUSSZY?8}%Ni_Z3(B~tF`F`Iq;-*qvJ1j#7d@FQTa79M^n*rg3D;XFZLezHUX4c^&LMZe zgnnp5_@VVdQtE1x7=D5j5-&{{k2jEnZ@}yU4mXanU@~OnF7jXv(2goZcHC%!6JQ#b zHN;vT_gpLfe4n4*>PT%ys&4o2_WS|h*ke5 zY^78Xts;-|i}6dVx1pQm{MnhO5mr+c&xyb`LaK;M0I-HQ(}l#EFD z+(UZP7oxogJ>;3?-H3!CHYZUqhyz8=!a!+j-i-x#QEaoTHdt&5W8K$t<5h)+Y=~2! zqCVg#XHDS1k}Hoc93J+r+~OhBNH!*x1I#J~La?=13RLkjh=AWVsNzaUSf)#jJ|!Ny zXkI2D@84H&27DQfKjfaa?N{zChEK34kZ9-sQ5S&;WTl``MxIUYBj6@bR*Zdz)$T_z z1ME++6gclLk&1h1E30A#0^Cm<6^T~iG6=c-bQ33Yn-nu~g^#P%j)qbui$pgW6bAd_ zRX?Q_@K$XIXc-DTnt&EeI9lGsO&yQX6)Srw8$N$U+(-kEa0I*=Aw@q_M13h2@O=8X zF=C>uJwGm1WWsn9WqD$m*PzRB`4LyhkU^NiZ&2~)1rSIVCNo+1k902 zZf0^^?1VRP0{VZIE^$hP*6v|cc+na}i?$#(WMpKV_+4$uCyW7oP4Hopgu)D$1b}&0 zW1A1_tG^IBnHm~i*8n|*17zKzweq$}uFH=v34YLzcGP0uD?m}S9aWy^cpbi{A5u>H z9+lQ~PrTY-Rd^f;8jBH~yq7TNdw#L&I3QHm^%v(^ZPH8p)0spb)*9YnpyYcw=5{IZ zNr0dgPVKAU)&ey>edpS)_lNGm$l-W$iI+12ROmez^;7~KrMM#`OdIPjhSU_x=lSIB zG7a&1yXteJJD6w*MYC#;zR!5FDm*~;kvZK^(j&Fj2L-|DvJBmRmQjw+4k1DUjBQ{zh?fH zIZ4)V+TSKsrtUr`4ME+JZM&6KYP62cv_a*W`{ef*!YCfqtpZwVoy@1byuPcQMtem_ za0=b7^}WTpm2ug#88(yCpjgWLynaa}s?=e^J}9xZ`ni!77>Av=ws`~ zo!{e|*jJD1VvcsD4|CPNRB8IK>wVRhhJ(t#gFuo##Mt{{H=~bqVr2*)gTl61LSsDV zWBykDViYgudTg%jwG=Cv+K9a@vTWNw?X08o&2tCX>bf)u_PTdq@)A| zhMbFI(oyV?BxHNg*ddJNZim`+JgM6hp+S{qSM~N2l4bj!Y6x&}(2zh<`!ARSkco2XcERF=}y$4gsZ$Z>j*?FDag{p?iFLV)|PJ%H_~9ebL8{5kKso@(olgj7|38xG0uSv5%AmjzLA`8moL`9mib8;E~ zM*+RZZ~@`I1(MqhF|%0;|6c4=nbBfeZ~6WE362nZ1)0&8f+o71L?|14Jld)zuwidy z{swSVXw1)s-A*?l@ul(gksUA&92d)bap(rixi`Nd1>e<@9=;KM->fZyvAsrC`)DH2 ziCsxlJ0*atVPG*OB{FMM94AiEhu+Qbj279n8krX>IbY~Ps?>DldFZ? zw3YfM8E9A1sqaEN6YQhsL6f;fWnv&&eG%j$4cMZ7?*0qRQ)aW}`D^%6M;)2%<(B6r z*~%cdB1g4@--(j8$Mkq2=}!yy`4MOwgC5+r%bA?6TokQ?TdrXQBc$%9v zf<4m=pZ{$~HX_0w%drn!?bXo)D0XNqbJf+`FyL%1>x$>f#bI#Sx^vR{FK^>XmiLjo z&D2vA>^xQ%E!HDB*Pl{SL}o7b?Y9mAzX6(2u3s*;+3A(}4Q#JU1_Y~BNr-Q9g2>6I z)di_-%i*boUX&PnhB9=6kHeFcHWd1bjn0J;trU-ejigSO{3D`VQiZ69E2WMT*V+t_ z)Tn)bmYeOAlEH>27l?J*r+wEgx=F$50(X>$4}UV04MGO6&}0Gi1`);cP^KIjNPzOCiUpoHZ!Ca zPgo4wS0-9^IvVpW$B!e9%BWrK@nivf1F&)*56=Vff=ca*2aO%a8`9SM6#H~PE@%NH zb`s^OI48-Y-DBFd_kb#Jq6A%Q>3Xksuzf?xM6OzdJ&eKg2Ts3ugkbrmAU_s$6>tD4 zP-X>aAsrQ@451?@SO$v8v6Yob^`T*T{Ej98c5pkTnCTxREfj8gXnV@`G=8{4_Ah5-0hU9mCf9a+n@~P zi0x8X9&YLFyK)*-q{aHk#>5h&9q2q+m3y2Fcx$vE3&MM(8Q4LNSnwXGi#cu{9_%1| zzZb69!8woK_>7>S)*5eLGodjRA>^hg6!z6i@TXV(=^iLZM*Hiy=Om6VsEL+F+f<_= zlQ|Cb7ToY6G2j193nzo561!tRfqA_2`VH64@cbf|5YIxSu~0PlEj{m*uf2=Gl`+i2 zj@0JaYR+&7O<{08y$u{MIkar{=8_gqkL4vPPcAJNvh}r5I;Z)JPIB}-mZpypeGR}swT!sx`(299ngzxv z+)GG1UDwB{4CR7($E$_nUN^ z@PME|T#JcB$PATZjJgV_>>OH~wB*8l?7PnUvwE0cK9RM)hu}1ToA6dMm|!PWo~OZ} z8Hc5Tnm8AL0a{~%H8rF&+^7iqFJ^P@$+3}oL+B+qG97FmP6%-FoF^nB9jGL}w%YPw zIUTn3X7fHRfR83`4H5USpWT9C8T-(l%C$Ro<8RI4RS%5Band;qQ7?sV{h-bJ&U0;c zG)hmh&%8s}?d%rhEZ=_DZOYw&Fk%&S1yK|EB?fUn96>jT<(+%DB zIuNq-wa7uEWHpDb@rqHRGhL-wd%pSX-yhtE-(ZN)VqN}Pt!=LzoO;fvlXvjwT~M^i z^|81Zphj|hc9ZF5YN{r6i<*$)UEu~5{or@(o?nq(fejSWztoA|HoQ*tY{K$jy)f)Qz zrSGkTD9)*QcBj(iK8Gi+rZ@ts>g-htNts=LU(XFUjM|H08?-pEbQDNO;q!t66qGa0(eM3N zF0bQ_Wo!OEdpMl>RW%pgAG8gwuPCn9c*!WfbN;7`wS`Y?9kR~Sf{ymY?w;OFAI5RM zIaCuu%|;u^+F7rN@_Bo`w`hOsz%&?7bA1d_$b>JH7Ft;5RdXAYR1dS2hMEF5iUU!q zyBOTp0A6={FaPkXIF9689)X1X0xKaHVF?Y_RUDO*O|3G@zQMt4!D55*Qx{H|}pP{JW=KKY0%KEJ^P{K{RT#4~pz zImSm0a!5yas^I^kiWwRAp1qfRn5Vx0to3ChR!I2K<>l>Q68`4*hWrkR?rNcv><*O$%yEu%n{78dvGA8si`RjRsk=N6qfo;<#J)k;%B=nRRYq^ zVqYeEb{XS0<*?4SB{mjEImRlckPkZ{K9oYAXkmk=#>ONt*o6D5w%x$`iV}=6JR(5v ztv@bDK>zbzSt-cuN(}Dm8UV9?HxQjDb7*4vBx)6rTwqHIA%Qo;fu~5|^2y%(+(v9A zS%S7AROa&!<3nW5hJ&Wtxl`l-$Lb_(3Ug7K#ItJ4v2MSlvtNed>2W-mn>p5z3#LEe z_X80w#)uib@L40^1@or+5sHrECF8`|n_QUG(7QiU7@E+eb4UFk4zBA8P`@|PnB&I% z#!){h^x*IKkzpt!w=`1r?3!$VoBzof%H?Z~$bEhzu^VEKu5mA1dj7!N?wjQayCl7p zglwiTp27YXetnF6EZMmiV==C=4(`YNnqaLmcU(8w*U%IBm2Q25eLpNoEk3We>65R0 z(k@wI&Hq@S+Cb%p)JM4N=e}x-%u{tXJTgW}?)Cr`EQW4qY)A6(Z`3VUimJvt?0jgO zdNfxC*fvO>Ma+A<1c378L1JjZFIrRV+C%mKb=!q?tM4C1Dy zRId*=^ndo1v{Gx$%sIbu0QQmK;^Zg-Su~KyO6DVTt;f^HNb-Y-1n7T*eYNKyK|DYx zcg|n@IwzN&`&6NH`2XxH^`CrTh?-KNH66b2yziK+wmOm(Z!uWsLiG7C$K|;V1 zDOY!m=WMt4MY;GYdi|?vS$2Y_y3pdQ3%@Hy;dG^y$KyT8dXBBPETLpd{{+_UuVu zuq3HSA|!<494XgB&IEAEJos6m>JjVua2eUGNj;o}@$-p>wGk_l>~@3>bQ*q~5R4q= z!F5Uy~u*eq!TE$TN{p(1oHR9j9cQ-Cyriez8W_48%^C^5|^ z0qMLHOV=B5v4oTG(-HEr8L#(wxGZou66FG0tCt-VfJ>}Lk;-hrT$TXD$k0$0naIwO zkf3jkV-bt?kdPTIc(CMOp5xpLN@<}A)2JO@f{q9xQFX|2je62YIbXe&@iA8-!AXtK`t;`kAh@HR}^b>g&U!^!R}40 z!wt#(>^Xi?;v-!wa4)Z?)`E)@Bl8Bs=Rsi#UvylU-XC?cE{M0p_*wLT8jNemhFj&) zw|6g$ju)jcf>b~@UUPVP`v#2EZ|J+1k~$i=j9{392|U*C&}3P*FNYl5G3fvMcmaOn zcY!575Rj2UCV?JmxmBABF>xl4sYr4O#VYlIpv#p$^itPUI&^Tc6vN*JL^^Z!kihNf ztEp4n)7+oxkq1a0re7b*diog8BuHsI{xbqHwaCUxRUPx*Yfrq>Y6eFSOiN%WzDYd9 zKK5kv*I@*~s(fch`w~)f_axppQ*8~U>%Hbmn*rCe5nWcXlT_XHcv#4Db>#ozk1R z--N(DZpI^jfPVhu!R0-J#`uht3{YqV8pGR{KhksCc|CjJ5OAW4zXBcDiS!k`^JsQQ znv9O;H=|PSvp?svsX#7d-ZjfcLp-uRh8@%MBI{!JV+P+lyj_AK?xur0d1S3yc^2uw z+bq4fOMup|8OxFLU4<}qJCRmL;n{(4HIuV)G6Wj?XM<6tnT>YL8&&n#Sc>ra62R@= zq$%QID;G*ZS-Tm_20;^mU>z=(7Xm76)JIPjt!k)BMjXO#?DsJei{9*Ij7le5D877& z_k7=_kC@c4VK7tMC|5J$^=dDxk(Zx68tvbdk=2P-?AW-vxyi?aM$#3o?iVfxS}xp9 ze;d20tQPYsrmMLkN+;{3t@A7}`}07A&XKJruZhYa_HhG7yA?yji27pF1w|NIF%y`ErflLYaougxqn9kAunB5lTJ~<3jD_#m6GGDyH22bQ?pY zzXZyqhre&kRVgJr*GqcFt}k5aDR@I z(NH_xrdc#Ly?5*!c0R6jyj;JbFE`ZByUd->JaWH{O~N+)sG*2|e4Bl3vThsQW?Sda z&c<|_;w0MCaJH<_tlcn8qpUo-|Fgu9%YG05*ur11($i=1K3I1sCbv6=Ol_+=6Z-ur zmLL2Z_giuyd5hQnfYqr*lsW#VivUYt%kbmSG zUTGogk7UZ+p2NV>k%xkDfH~8mf~T1KEn)#V=Voz*) zVrOF8=ESx&v2EM7(QziWZCh`jd(OS*zQ1$->eWfFmA$gRUAyY3s?T%q3D50~eq@|W`e28s(rI$((m_8*@6lL7?Da^$BKKJ7$0cJW_bKz9^u{J5kT+ne z##$u$A&C}27=7CSTS~~C!vn^vGLf5^h`aj!$mZY+|tbyCO*iMFtL9$aah=`-$vxE=r$dm<({x zKz487?x?lNEAK8>JN^DcM`5Q7G<@$_m^eVdT6p^>O$VWf*OtHp5O1Bm(cxOeTiMBn zY-=wC1L1NN;i33`2Dk>+#+>h7OMGYi~-3r)I zA}rq3ObW{H77Tn}%lL7EI`<1~~H4>vUw4DaRe=-G~xDLNk_5E@~C|e7bW)^k1N!rvjdEii< zJcJn=Z~ID4%-yR*R>evod?1?PFDMU=fxmrb&f0?a2M3&nvyRymeht^@$yH+QUwKKh z7O{|(g$R;-z@uBz>nDpd3I={L1}rH#dHI!)Qk)8kQRUcEql#J5iUR)++C`q^V0F8r z!*V`CKY{usI0V!9W}J`fy_Qqxod=xR6@+=sv@!{t|2%m<;8Twsyuk9b4irSGu#!e|ZL&$zp>|XayrYA4+#~_`qgzJoBlK(81 z65O{I;b%V91 zt#Yj`mMg$-l+n_&I&ry#G=)`}HfoC>$xfFMuX&O4BM^is5jb|74nr(@ORac7fd*gr z2Zqd-fH!GGKu4lwA%M`UA1q*mQ=o@5apcyFpkDM}NHOyaL$j22;l%;oyu z374(n3YKO#DQsxN?-w7dyB5PM4=Pb(-P@=)JaqDwzMcdfpC><@D{5_rGi6*F=Fw9_t{Et8P=YyzbDkN01m^>35 zJMh0N4fz3NMjyuBWPs2!Vlv%I~%D;`0Pb2@HON3Ri&nIY*-2p|bO-uM4GCehr=HDgkb4sHPl`bVmT3-Uop ztC;@o-!pmsk|g>DUh}?{{f7QUi0b%K_=}n_YXyFB|1AXl`!32CAlaSy$YDB|(O|0g z3kd8lqwoO>`NT$+G$HN~%2}ufS*v<*PO(>QsrOe@wAszw#j3YP`k-f?(9r^&wjw;q zlJ-e3Nq81>HRfPv_@drq=LHON^^exK+OwYsgRl}nwdS_rPO6EQ8#_5Eh`!qDWDgP( zCE2@E&lI0mgsMXc<|gq}VVKLh)(Y)!M~t z07m3Fm)Y=jzxV+AB2y-HD{8{L;{uO1on;jpMv=+t(c9BcQ=1?!l%|y{(C?n}St`aVFzLHfJTvu!43aFdT(Y}V_+M{M2k71 z?+!hAy;zr-L)J3?-g1>Lc@q|zAh4`g?j&$jQh&;n9HY~X`%NF$NGLCbM5&u3RT6>D z+GM=SEc5U0P$?uhEk8jk35f!HmLz6?z@$j;z(C+?OGIG;#T+F$Tk|1;vM4#UG7G4U zO)|t^2#8(m{Pet}%YQ|YDG*R+E^UV!^H%$DvvCY0(xay9j#P>c=DTax5~WejAdX+? z$gMtsQmyY3JSHbfam`2VHh9gTx2CsKLmR=j4YyPbBssE}oQCOB55Etd1A12ka|ySE zq%qO6j;5O%z*2BU{;kqv3i_!9>>&0qgu}ilC01z$FWHLI{GvU%ZEyQITGC0aNDqw# z?H6?NFTzw}(!n~b=}#BpnMw^MkCWgd%EIg+OUQJ6roH+D-DR4QKHy-JyV>72O+wm7(L0Uw`kCy5?D3v$av>)Zr$Rua_*h;LQWg8#TAf6b8I z6(39vWM656^WEKnJbmrap`oOd@&zJx^*U|F{&!Iu&FWWWQ`z9Q;6!v^pI!guUn^lK z6(!6^I;;O#+f9n;@01WIb$Rs3B07D2g8jVsgvzScL#1i&=$He-rY0D!>F3*&DAJkk zZY=P~D?JV;-6Pi5Bd@#5eOpmuHXB-2qglO{qnzFf!^-(547PhKj?01ljer2qbcdr2 zG~eCxwn*ERdI;Y4-jDfCPETlqgHViE?Go9ne4xqcY`krEQPo=WS-!ey|pBIc&OLrYnVu)=C60|rOOhW=M}N(x0VlPMCCz?!QlQ(KCDwWv+Cjmw&rO8o!I z!|i^65P4<(k)-}V;M0WAnN;BYp6~_3-eO7$_*xLlL|%ss+QNj0WASHDI^$zT5sDr_ z43voqFT>dX@S}hhQk||_6^~4==YMq{(sFX-VkT0}?|V!yxJYys2H~bZ?f=SDo}h!82;>h5F?_oUCvL|XIudPg9RkY}`l<_cJwGOy&vF=o z8>Y8;0s;fjzZ2?D1p$Y?1Av^k{PxXyXB<2}he3`BikztuI@-^8Tz@GXgHOI!`!NsXaB4^V^Cu@$N8}8{^<{s`J~g%U|h$Krz*I8P2e}L|^Jji{I`m6jX1|_(0X6)#FuBKo}AB_iPxfBQw>K*5 zQAI|7fTHt%GpSxS^XMpR4@5+>&VvFIQw;Ff2PtV~{eHUb=RrlD1E+hMC(i1DbeH)m zOSR_H-x78#&F*&?;o;%=LQoiBwL<1=%~9d3sCd?CmJx@OCx+41vxzWKt*soZeRX^3|2V%NGG^68ri$i>;@Rm=Bjlm1GF@Nr7pMeVGPv0j(@& zi&~dY`l`ixvpxKM4iuc6!H<_~V!k!+0GmwI37BL|By|y>clRxWR@eT)!HG_jNEUGZ zN&aXm3&`PlZM5C;S#7mP9U2_gTwu9ccRs=!z6>GoHY{{DdH$Dk*LK|ts2NGo2@n^&CSg|TaZF?3-^uNZ|kMdPUgx*9EVACHJ+At^%lGbac`gQ zDE^^_Y&m^arNpJF9Ny(t8ttz*f0I})|vM;BShT`N+I&-X%HfUEo?OVdyt zlJyPs=4&oTiKFdN?r@lp7u=1k^}D;#H{**6O^E&ZT1!*Fp*j@GpJbd(lHmYHCVnHs zOlX)g0K?`$DR5^$GLHd|*CVp~YX|dmt)+$7U^Dx!TY)!oqptBcw!yj4rRNi#{6nr4 zkZ?%W*4|crTPf{wr(f{5$7syWrGjbknzM$xKVk+9kx#e0o4)3_St3DnzSaI$Nje!B zISx%yrTW)@vjEU1;jclLiyWa;p&#-dFIG`>zq!_aIq0)EJj-`?yWFNYn5VFy_sw~A zh8J2-2ij!B#tH-7vt~Prn(?@VQFN8z4KV2x6g<)04cE+UZ18Djnz2=Y15%zPvzNzR z_iwWYTovoqTisp1cb}Oejc|&dg~0SV4Q74Etk$B>fLfFkI9aO3b->4G$enxeRmtJG zWC@LDm+((ZA^0DQ49@HConBmSl*#8+?KW%0=nzXZX>x)-AT&P;C;^ScZ92v{u-~b} z^!&{>|3qP6Qu}zth&EfxTvnpZ#5+=p@uK2UQ8;ytWkYRju2`Gc)h)5tzU~*aQ6D#2 zyQ83@FKM$2nHWKM42Tv@gVjdydIj0(DW`0=eY-{80#ogOQl!s$LQ|a`W+sAo5<8Gk zSBLK6zlu_vE~owcY`+gbi#lw6DyFBr@)6^WEdnmx<=ZG)M0lF_F0hv$X_W~ni4vlU z_I$Muy1D4N9O#c3lVy^WO*r-|=uPc^9bK-O&jvB6s>A?ta(74o$k`@;uHE|xeDu(6 z#_sd;tyIu-dx)yO*A+&!BcP;^C%rG)$sc5zb-XPVxRB`P`W5Sp<4M_=GF!Vnw8wjR zMYXj0K(e0OD@o|ums9eGxcGb`6%nld9^Gm8E@mKOXLt)DrpD8_!ycliThlZHjwDvJ zvXmmC>wpSE{IR}2{CI!0xkZY?1T3+%!za* zm%DEK)z!&cW?Vp;;_dZ)nyN9{?akWjQcky;R;*l0WE=d7DyYzY#WdaiIFM-CZe+2t zb<%$0Dur?PO!qW1_w_;GpGz&5?Xk;5E=aGs@X2z)_j#egx8wV^FX41IvV+hu?B3z= zS6`*N23Z@dB`QbQ@u*XR5Ta?D=Q}=^^aU4JNqbB=kY!~2gWV-^!?6gE-(u^?lYiy= ztZ=ouL5whs4jdOZ;Z6mQ+1q+HZM(gd8cC3t*poiB+E9IEuWGXieBGIEauiESicJ;H zXiof$0(w3?$|33!e$#lk;_48NsE(kko|Lr`nfKdzv4S`<$4syjd)Apy6_~%jG9yY| zV!lcDV4f_O#KgD#h0kvM)ra-j1tj<3?wv=wa`_~uK>*gV(RE-M=G#1a4=g$@muwYD z6^t_$4~wbc9c-SmyIcU;<@Lt@%JAo*|0R2kKdt5m!#%r}F+}~~4LiNg0ir)b#|0sY zfC;b}m_I?!mv)z3dQ337wHg9$dA+Xp3n!4o)O~1}R_^Evq-LucYo+8C%*zpH*Z#c0(Tpe;rR~HFcZvOWxcbl z;bq8EJxx-0p*7Q2ee!by1yI3%!Aih>L%%wdOrn|lJDd9mos~W-gl_ojFBs5fniy4N zN!M0^sgJj6Pu3XLsBKB=j`$l45gRn1Gd1H z?^_x&w_u8Q(=)efZdaabnPUlp)7o+d`idrU|51}#Hp2otE&CWsrJc9$<{6}*)B7_F zS6uAKzD=Pb*A}MgYeMN@DIJIXNF0V&sGA+ILWCmiWBQmOIkPhl((L&|5 zAFZakQ0{3vkgqW#Ge9@i2%PoGrD};;5*dEHW9Z3K)Af$vJ35m4#Z8KOjm>k9QPABb zY%&$tHcJJhH?gs9_F{sofy5|2#S516W z1Lg{GcX1@CB3pRU9%g;vf&JU@c3+yeOiJ7D(POrFy#0ip0?8((CdlHb96prj2e=lLi$e-em^QPtu(X7as#Hz`YEI=j;zi5<+ z=B$JuvEtt|SZ{T>_CO=$;F|fi%ItU{5kEXbpDQ5K?lKUIui5mbW))EU8Gg zQg@p)ADJR0{{H^=m+LJ_^%zUMt2y*sRX$h#+tBdvMJc*&(V{WfY8KytSQ=@yI&?Vj z>BIyIx$>W{LG^Ax0_l9MAehJD%8{~<$ftMP@4R%d*U7_F%4a|6zD&lJG#324s&hr) z7V7l|^ckL)JXHQ+zlo+|1mMpHfWR}6zULlAr?9(6?uHnIM=H-)jNqz=TW#n_qsO2? z0Wk=T(I3bi?i*pJ5U|<~%Kc>9o31Q^3ADf%`ky6b8h6M1s_*?kyn>dU)ldj*#@ z(HCnsyE*zz%VR5hF8b>~S5OC1SK@gmNz!k;G|MjSuKEn2^63J&ZVZKNZ5cWu`sER? zq&9VR#T8{`tLxqRyQAHMn9PigIU7Hf;16>CDNhPiiGA}(n$(iS&`GQ!D|@hm`34l~ z?1+fIkzuKNpDd`Ut8_-IshDegTxq%}%;;9h4@5BTlh$0X>O#QfJm9e5?1R5@4^}+P zP#CY&qyLOkLpj4VsPq~PzZ@HDOC=bFwaic;u~it{WBwC%qH^WSJ@n zhBsVTHrTDpHJO01<>{~Q7yCGeiwTOGe~7JpB+i&Vw5r=$gHNv%c6Eg)JPuaSbSzGF zQAu`c^(~WFYt(Ab7m|o*b1`t;EAkGZ1=Y0dd-mZYx5>rP&nvY;@8Y@J_e55!PFE}@8rE$D3ACWJ7T zqVP!5A(n`n~n5f#l>2|s^6%5c~dDlK!>kvxH3gvD-9Vz5ci}ip537cnlbFi zhm(@*LXeMcW0O_PMz>Mey66B1MDQoXL~u9^`Xq0!s;$~!zL5;6YUIkH-0Oh{oer0- zd5sny)Eeb!k{8q9pRluq?$We)U~P4<2V5h91=qo55ZNgTLqqP+`XPLTgb(d5j%uL4 z`g~(Y_nb~<$5_B0;-LDRd%gWVLBrD|Q2!|Hm!^v8QYUPY59nAIj522{@zzCUp8%qhfT6Z#U#i(*h667kYB;Pe(porOK1(XJWJ zis;r>d>PBTo>@xvmEyf1YdxeDS#yKL7f;R$flvoyrnTF!KGl$y4-#O!n`rE{U6^d0 zS+3#ckG;cS&dXT1SgnO;Rv+_h23-n2a}3@^%y6SNE^wK7D!;Th9HHud++0_ACuF!f zaIdM3lBhUbx2W~>SnuCGB8hWglE@Qu2r?4zbN*$&w%G3*Z|qz2p+}817-q@`n}IfV z0|!VNxL9eq_ouUs@b~*V_5(un!pY7}nqB5g6VLPXYVI1A?29W7n;a}0%8Prtt28s! z2h4&Ir9{s?TIpAw-dJsskonl`b=fT^b{xTvcK+~xT4*_c=*%5YHDtkIJAMX@qjnAf zsIcJpRurzGyFp>Tc-QL)^8*?_FHJtji6w~@J(IOgWT(0-QDoP-#sCM1;0db(5hK-C zm@zj1vhEcdPCh_mmY$c5J_CPKAT$BVBlEt_dm3OQXJl~2=4f|BQ#di>jg44LDcp}Z z7n%|@+z%5Jm0UJK9?E`iIKj*L~MEa?UxaXF}Y=Trz9hnptf=F$nMi2jaEqLVX;No(tl25d*|D|RC~C>4-b z(Ykt31~R+My_y(;fQs0sAy%Z3&urSP)oZ@m&XfnHG)0`ao#dyXU=AX|%IDT-v#C|n zB@QpFIE-Hs!{0$2#W4MXL2MBf6&gal*ukf!{cb_7$7EBMN%mR&%m2OYWDY~7G8HeY z<553_0GVOdw)-YsUCDrT56AWw??GHmyK8=@yTjPjb)1pTMvAXNsI1mUSQqO2maxEY^ySWf$2yWD|*9W2YT|Ai0?Uu()k*QV{+BYHj6>!YLGZ3S8$K##z)PWsR$VO11JInX zfg-HG{j1mDr%(US8bfu3NNis5Y6$H~KU~KSimo3kE&*)_wZ@TvAXM-{$aT#hyJ*5_ z+B-X(X5f4u$T9um%JxhbwGbyf&bPlu1Kc}4_!^g3PGHZIQ5M;!UO-dQthLxntX4MT z%Z&hXdH&J@t7M69H7^wKWri=a#;$ZBe8@Nj-fI}RF%%KF`4$hae09cBhC7%x5_LM|(Ef7OM17hv9kw9hrcb)rN4eIN+G$6^|-XWx5B;7iMpWe^CArgjR z9Rr7g!j!zz32hMVAlo3$vQm*+p#}g{z5B!oG=)V zLyB1*lU|7vwb|3)-KFuSB8-L%x zN-12O+dv=9VDWdH`Ch2jrMd6AW)5Or?v81-9?pd4q0psdMAY$s4tTvBnCI+UfZ)=e0 z44WCM>H5t$0b&wk)nTj7$D$Q0;ot#pi1lXE zd@HLx7E9&i9d?e8mLxoT0)?D)^(|qN9`m6fe97vqkbk80Iy~}Bs7zlWuoGE5`P76q z=ld23=qU&8Smzw4Z*lJ`?SwWt$Tcnk-dc=LBy}D8b#3GV|JsfQUA0(Zj(0+sTc)IT ze?=4U3&Q_sD!gK=K{4du*D_kEsur;EJNKW+YT=-)2k_~daV5TOtcc})ly@G31X0m` zlFOx;BlFo<3%Sb*yJn-)of8EL-mi?}N7~LES}Qk-`((@2Ldh$Dqk)JBAj|)+m+eha zLPO4jE?!x@tp7T6Oab3^^)vNd>0)E}Zgq+xb2sdEAh3BR8mP5ho-3q|nuC_9<%0~9 zxYoU`kM!@!bGcN<70YT*U68@mek5k#rT57fP0n zHS`4I`4|yqe64rEm4=AlEXK*h441;v-%6IB_wF>L6w2b8;ageo2(y- z>veZ2pXCxhrN9_9#WLt0*qfE1)NK8wTYoby#gt->sB-$D&X z4E2h?b(%nh8av-fG}at7VelS#>?N&PVZ*S9Pa9cKBBYg0{*#Dpq}iJL_toYHN(&^c zt}nf(9nWBcza?Eqp={PzH;(xa-|<|hpk70Z-rSwIW|$(Of!C&G$%@9G!8GOIh;C@T zwT;Y+sxD-AQ{QfKY6G@T3~9-)GkHVMYxN$QWNVbeh;gk}e&q_JnFq{kp%Y8!J98&q z5n}7@wn~Lc9iUCPx4H!qiozNeaX{RG)5FizS5U9J5=s+pRc>snpu>KRDw(<+h?qeo zyJ8{IP72(1etmW@i+xA-du!9-C=1@p<%1qWmok(3PO|SmaW-cQU8VjKg+$$Cp^6+2 zJBV1BetXD3C5&^rN|yR!SVKUm)2S}(1&1_=H25BHps$_^Ff2E|Ay&mqv%R zU|%8|MChO54lY+vJW{t^;I#Jq6X`7coyAY&#h3i8`DYt*znXWUpFQ<4f883;CQw8- zLSxeMd@~QXcRJf#+axV*?0MTjvg7dOmiPmK@WMADVtaenV>jclxJC8W*M4gV6H6BQ zg|6{EQ$7cECd;f$(H+!XyVGrk&q*R&qC|UM4506IF+Ymi__JOs$}`We+xByf%TC zvNw>`Z0g*Q*FWh%J{kui%^W)Tv_<+)Zx;@Doz}L?Xil$=QpI8xrS&R+O0F6=F&l=O zGPSP!Ynop!EdJ>Rz_Td+$S1_f@A+0*eAci=)G7%&19CtR%JeH*&^>11y^8N_|A!+q zAOIBJURelTpV$7~Zrq^&E`h8@^@ z?fi{^$M{>crK=nynaN8ytM{P^$Cvc0pGa=ManBCn+oi zgt^vz+@<)r**fGqo(#kaS#n(}qcI`^$M2C5Kl)3?kcgCW(n0dmy-nM>YB;SqJTh>1 z-{ZV}<)YaTUH)o$M3f1yoB8`s*?7{hRs%4NyL+XRGOM)RMaRA88-6;gr;qxa&7&iP zN_xVY1{yXVSJ_(@&_d0;0D`{+(zHVKwQtNNSQVWzxTq5&e|HLC7By?p0@j#2aF~=R z%C(S=JABrE0nMuUn<>X=RoNds8zHoSPI29YKC%2T7?_QKJ5+B2pC2F~XVbe=^GsSi zmdIvfGHfg`uXA$vmV8S18*hk(FU1ezMIGQ)62=5iyJR%K#W+UIqM!B?4B~}(y^z-6 z!MC++yUC|_70Du?-P`nc6z52ftJXdcXgJnuIHs(0{c7DtB_$_>-;VJ3QKdN5)qG}} z0;fN|=YMxZyQ_E3m=65$>mQMGqJcCFb$pr8Hq#*+(+bP|yl!6d8H>@W;=gK=f2Veo zpikhSZSMAGOpii!TwXw%b-t%TlNrH(lqgxkz^ts2S?oO!@%FG0ngBfA_qs1AfBpx5 zA2+^?y4wVDWP@u=sLIl#{eS}$=)u}JLl@;3nd#upmAidZ`~wO@4O-pySv0`2 z%lz?8BiVYt$$qU*^@pAT90`f3Z0d)8bKdTY%JgTD{&DLk688$2nqSel3No1+qmkWW z7|s$4L$$7ROL`zPrmB_vE8hTy)*N|Evbx}u&*d;M^m8_l!;bpd2l(;y6-uZ!uMY48 z!&N$&&;6BmF*_u;T(Wk`Y9SGgE+|i;8DSwAKTFer$FytakiA}*j{4+JtAHbR7^V(~745oG z^Tk5^V4>&MjjLKOPZmpj&Oa|)Ur$@g9X3koV^7?)@eZ9w8WZ|sbsxm*x3_B#8AAu9 zT@!^jnNIZij3x>jf4HXUuR*`ZX4+&UD&B69kO01}kxG}RC*hcW%vbc;hkfQ-uv(;3 zx2yagPw-|!yZ0EQS=;nRe7w{T!X|Z!lAstoWEmRZIrK&FC&JAE5~&hhYHRq!io^WX3lP|~-2(^!LwE|*s`K5w)!_oNFA1gDTP)`ou#1R&(5GAwu!fX&Q9$Rm?<19v zRuT{Wchg}eirg+Vi}wj^Q^mW7B@j@*S|T=v5_q?=*^Cis%L!|9PiH6h+DCO6$mcwL zIrZa|2o<7%T|~L34%e%?TV~S<{i1?+XmmODdZ_SE#Uh%w*1PaAw~6)THp>>vhU6S) zwD+@xvZ+BmbjcKYc<1z@ecP`b6(cmXYrzz0MTcZv74r(^MTra!$a39F*uX0Zcp?5azrB3%PS28dCI*1Cw5k?#ZNL>4z{!@fSGs5L-p0IFXmmco7AKW%5 z&S$f_(GU^y{QVNh@7}D1#D}~6?wfE_f2aH1m5dDp7SCTYH~usdobqscK4wO;Vs~6Q z!ir0T5;eev4t5iY#fTCg{k_md0IA-&FlkGXHLvxi7F2}~sY-+q8l zo^0>JR;(khdyOwzqwM2Q@H#Y_9kk(nL!u}2*2hB{fnS@%VPDx;l^{6qm?4IsO_2uT zv<|S?x8_Qb!GapGIV<_S)n`!uuHvFrT;w?g28>e9$zV6DyX*00=GGr&I4Msf!U|F1 z1|oZYPuU%URXkIjgidDFdkn30>uW`Z1I#mzxM-^)-$&gQt*#DL(j*fC*!ZW zQ$l>`RiW;;sih5!smVcK5c6Bv#TH>?ge4nP3OU4M`pJ7symK~EhoBDg!FRU(5YCDF z6GzfV48wRoW9JCghx3NdBkM7=?4&QkFJe^RyP>L$pV2Ifw!Mrk#5FvWPX-X6hPlRJ z{fdyTiG(i`ckq{ugm#>!Kz~L-AG3z5Ia~k`?$vYHIBdTdcFMO~={M2qh*@X)c=;CW zU@uKJ(unOyd_k|SO?*N51053KM_;ne!9g~qN`5KkPM}SJ=a)gWYPoiXfM`H%pQF!b z02$xYMHngtnGb4o+tHEtvU+{eS2i|#gx%9o<7GW{J1KF;mQMO#_hudzL+t_sg6fk< zEQc{*B_~cau_u7Ca3oB5_uWlsmgn+}{Gp0{E0&pO?V|pzgm<@k>Y~k{ro{aJsYm}& zRpbZy5qZ8oo(xnsCCHadceJ`ZL3`5qLB)i!Gc8%9m;K{0+WQgFo7o0eW*RjnbWd1} zm?$aF(*}{m*Jl&IU4B}2FNcEmD}_PN1p<=Z9mSFMo2Q*qYhr*i9JpYGSo9Bu6RJ*F zf(%-SWGB%Tx_?M(oM!Ig)OsIeFS)V|Z(QrN^ddA0#> z^{vle+H@e%cyBt;IlgI5p)h?fat5xFf6g`PozN5PbgHWB`rp562`|_9tGI=r(5U+S z5{cNyjK5AWg&!F#w8O`5Ei!R6lqdd`A5o&S;&r}Epxo@mT1WnC%iGfxb+%5TVX@I? zz|>fTT7J0MVnz7WpNGrgzD0a(-f}rpm1#7@-9HtdV9Dlu?y!FglMHbQ1#s=k|MK%Y z5m*p3_*0RRVu{b-81o{ws;C=iA>O4y$!w?1g@w>*o~HC*n>{}JvUjU+5HnsOI@;{; zuJJ}o1}PiH2zqE1nm{E%>kO!dTA2kN0oOV;KHej<;ugB zJGSMA2kS`*ujf!Z*wXLk(7KtE*XSm1N_U5dZ^6MSI){`2f5>EMFxMW`M{)I2VU)g<;Fq*ET zHD8vI!m{qoLWg^>WAiwnJzTD+pmhRklU&FsO-&n1eB%^)yAGv#VPqId1PHv{1zbeL zWIm650R@Zxv3#4ZP&ceD55&Url}!{(u_Vspw{~0hS)lVOWe9sk6mkhj;a}i4a0nEn z;#sNz6a)5ngp~RSQ$z1_Y;w#>9dsg{Z?m49=^>9+Y}<824)=|M+<5=`Q>Z(S0o){q z*}7OgQJ(+<^W)7Wg@arqJV|U(C$3uW{vX0Dbeck)m$_udq5bK45mZgkm)0;Cdw`vL zGI^93GMB;b&pP@rgzVa7#$?`*74M}GbPM$xFT20BwN4J_6w6~2%o1PwsLF|Sp42L| zG=uOy96v2L$?HuOqa9P3os(P9Jn8Pn4M+W-30&$rc!d8xA>j2O1t2^`U{Fy8ksF%N zm(LBhQ=DHE#6yCBo-wN*?`TRN)(P4n_T3_YKAB^3{t3y@w;_T2o7+e7o0FeFpGl!> zRSe?<_N+&tfTESPi^M&2#i)|PXT`Ud>u|q}CHR^N+fK#2@DZRw2E%UqX;>18#TxD5 zy`Zt1zKtJErD*y7TsEHyW78Vp`9e0`U;u$C_zBIKoqR)sR%m@7cl=lp44TLPDF{qj9MIEjE-!c zdJil-tt)H1EIvIWkKL@8&eePyTo)FD6nMS;T&<;Qbq%@w*VNgg(9js?v*HkW?j|!b zoh_z6e-QDE7vRbLd-PslMF)i=Fd6V=u(;DV?nK|C+xrUfZlikP4SPTWe~-?ZkV`e^ z0LQ2x?mX8KedK$MR8CZgyv$DWUuL%+@wVp7tXJJtsFWG`8E(xfF%oqlqONj9zIZ91X%pu>WAUp1Ns|PNlAI)nB|XtG}x8 z)$eiZ)8_1HFq>9vgH5V@^hbe2od=3Xko+V7$Z~oUxWg$FxYrSCL)@hD#qD4;wW{)G zZbq}ipEYfUl~xf+v?LK~0a+x+^O0NbGJzK)e|a)kyyYQBwH zm&CRybUe6L-~Sx(&B>&Xa_srSC;Q&tMRxdob+1K=@s^TdV)S;kLecqSn9j-n$d=GO z8S{uYWk;hT+%Y;|pWsUsIDuvuP0XM%TX=8N+!9wfX+;Li0^KDtYAS6_;#|LD{Db7H4^Pe7t2j-OiiS(CB496;1XHh-vGz|i!YPRa^1Px5)6iLhgV5l*-+ju|eK*S6x)#f^e6yHi0x13? zenKZ_ObHy209uWvsCSG>9ECf%ACh?U!2@1TaG3P9&H|8}W{F0$yd1wf;!GmUG$k!s@%uR=&1Q{e_pyKaP8lmq zWwd83GL$r5bVz2B4NiQc(g(K &*vR9WW>BWj+=quSxLcntAi!`1!~06{pv(P;h6 z>AiVCvvir)`B^B!eY#ZAq3`E@=QHJQ2m-+_Mu;3~wbH(!==LX^;`R0CIttXuz1*Lf zL-+TB>s}E+)Uln?bDVl#};% z1vqaXO8sY>`^5;fHu^V~iF{Uk()R@WH0fNcpTL#4=}WCzX8S)HjCa0ECexNpcsufi zA_wp70Vl(iL7J5t5}>+XzvqL#I7S3OJt6N(`nxqG6uX>pS;p?b+y@&K(DAu|uvxFU z#=YR3dVz@2q)f&cr8I=J^;uMj+aoe%25gkjZDX+2sXemMC zuZz_-4y@zwnt~D$Fg0ACe?;iq?QmLMk{sPpCBET-^>rCyh|KHPqmoh>ZuUxkzk>^S zD>T@XBfGewfk)kHFpE4glO8++gcmieD4K@Q=G!&H9dH`FLc3(Ay)Gl*^MtR~v(i@& zy*5b+GuezN^L)8nd*ABCQ#dRb?vm}cc^~ZRIeiesyaC*9P!-+>N2xvoYu$iI=7Tc1 zqv*@r2r=FWRlm8o1F+*7-iqVkSv~oFv=}%im-?f_Cf}19y+!1W)=P-9x+Wt^g>XiX z`=o$uHv54vtn54X{!xM&NQHHO&{ox~*ZHRLqx&9Az1X+4Sl(yufFZ7`wWgHTu&HYM zEfJCRQwH7o$fH?Ahj$7$qCahVGCjY+`i+mOp=p7&2Ud^Hx$o7vxhG!Xr2537?owAj;;?&pmvkg zi6R*tZnsX)j4m3Z_aBKgF~y>IuC2<0HngD19gi!M>EWK4g!aYZtugF|!|SUVDh$(N z;xVrJw?r3fzJ|}}_779$hrkW4nzA)k*!h$$ACE`jzddpcK5P_m#P`jLAh ztqOnKp@d51uJDzMG$#c%q|&@?{8}H7`IU}-d|9^+!dcK?2Y|#z_0&DI-FbPx-X`pL zXp3#=A>t>0vhdtRzE?3hqAk?cnk`-CbgsvyA3k>9;M&2C{6Nw@zB17T5A114aj!$# zuVFDe&ah?wEA`IfkAwHdq!4`vF?07647dD%%-uXC)KbTBcHI5XgbkS73n-7^=l-=7 z2(qEwjXL`r5}TI(ufA0ewA0CAf~hnf3B!ABHK#kX;XzV^!d>!(@X11r zCtmAR8ow`7l*u?ztE%L^J~6>T8%1w}SRR5&noh2=^pDSg=BpGi6x0$3n$#O$o*V5} z7Fbct_W?Pl-OSYshlBPC7;LV-7SE9wuDm^wpJudpx)OvNGng^ftbcI8sdS8%}bvN zMLc(qcBEo31mT1ZWK&_OS{QKp26BG+`(`#tl|64a48f%ij#yn;@cdaq^cfTFDI8r5?Rwh|%ud=! zZ72XplTu!Nj9w!fxdr>el1JUjk0ny=KVy+pV)I!q%#53;Qr_=?J&3Yxy|cEuMT5yS@2!pZ#6~2?~E2J78Mhmv5)9K&ueUE zo5a+b96gcP0OrLo%8<7a@=3ls4_U%3s?;Mw&+}Hp&pw%K{;*TW{(IDO9+ro?tVs+l z3GA<7__Go1UUwk`0zOILEKuCN@4;DKsi(QCYS^3i;PCdxwlly6+IMnROZVub zMTxLklZ|@s+sDfdiv4f95hfF{{+Rlt1sjzD{6p2hKu3cll%6>k)Gt4NEL7auE{8%0 z{8lSghB1#eTUs&#NOGkzAi0V}pqb7-bL;LStzUKXSwRFNPVI!%GJbYsD`J%3a=S!+ zRTJD3Rc7w_vC7V%6u}I_GCqeK&0gmC)MKcCbBq10>9PD_MPPGRd6c3Dy#hwt;rtb@ z^K5fZRDGR+gCRiZgKw6Sar4aS6?g`PqRvHU0Eg;Z?{U%c8J?enm{0oGeuE1jgzZ&Z zN{Z}TtG!x(_rL5kUvV6UwWw(SzU(bx{$ zeeo@R+j@5QiwXZ%eDOu}FOBEj8l7fec{VKLVCasQ`TP{vQA|@yNKY9`4RBaE zb^htU!C$(b0Zn?CG?de9JPv}t=_gp=794&xzTU;@fR{v!#0h#dut&2VX)HpSC}SX3 zSj6l37?vck&x^|YdQ4(vej85NhMZ#d<*%o+w*)??mdho7ZQ}D_(l7ZA^!t2ceLqXW8R4D8hI;zT4O{Tl6k{=?#O74ZPKWlXU|CMzm{!p)97$ZAl$(D;j zDuiTT#uiETCCR=dT-R8`SVlvX$dWZ##$MU?osne*G4||hvZk>N8iU`|z1{BT^ZWh< z-}k)ld!F;2=Q-yz^!f+4X?lDnA_)!rgclL_Y7FpDMUqh!1nk)s>f;o>cH5}62i;LS-mMv;kNA-mO!kzLqE=svGd z;P!5fS@L8?K*C%D_~Xtj=uOZUr+%KJ!uNO4WPdN-4M;as)Uq8?}2Zq$i4 zjp@CK*1Gq8H>}!0ePGO1NPcPG zyVm}|5dUetCt0Uvqkk4Ap>yoX(K_XllEgc6GnqmB>sEak8=;;Fo%NM_b1WzGNrme^ z+vd=_YV(wj=@NQYw>~iET1CVW#6BE*$k6lHl1q2%A-B7xqdG+>OX-?bh z38!>XS(Z{vlNDYpmb?&tMwN<9=;4&}TSGXR`XOSg%r^MlLjx&^NF8-^(2Bn*%98q{`wrajdO0WK5MfLbSxPy`$L5|2OTsxWi|M&S(q48!lr#fthkJ1d|Em5a2HQ z0aZG3fuY1-F$#1d0VD)Y(j>X<*@uwvZkt2HK#TftgHMyfTr!Y?jBl--Psbk!203hL zj(JgPkdW4IjlI7s>5O4NKZ6TDizrxSPjrw9{w&u|>4(5u6#mRnepN>ho)x@>R#TWA z5k+F*Soq=*`ptuV@~`;eO%0Zx`Kc~`^0P^~h>zm!9zKM?Z zT?R=p%PMIxs(6m?UdATv5>Q?4IbkyECRj(M#|SMW3U;39n4_1g8J#-Re*es=oE^oA z;83-jj(Kgm)alLK{s@aadzu!0PVjl)aDl&&e%Xvu9=1&W`0K>n_U4b*dP=&?d!19c8{ja7W@Oc`JUWdqPsyu#4!N@lp;oA$hLN?>$V7nDp(j)(OQFYDjTyfgV? zpZiHXO;V1h&RrbgM1AM7?pfL=p@k-|m-=5%BVm?D($>n*p<-R)zRQwBDsa>#hB3&O zGmZOe17#3L5_mZ(CXbk7FpAh)z2@}d;+`diMx6Cv7FdUtO|;N;)OosEy7WJHg!%_U zbkL0^V_(aLQV(R-n@`^_9>&HdD0k4wRVnl)Ud@xOepqPw&X|aDhfyc2^^1MSONnB0 zE519k3n`WjNkS&i$MrJgG`M8l^Hk&m`1W{Uau>MQKr`mt0G5sG4_^*AInT~f-HZwjvjV|r@Or7CypZ?BRbf4Fe9HgAzs;! zSiUh#;eNuv5oyh;3A)WFhqrXWwB33Z+k@V%O`MEC@|`JK)&=7xrCqpxNDOD4$d6ay z5Nf_ZD8-qN;8yLvk%#&oqRwIF;3!_0@yPjENLX2hqP}c71&qBB2pTdmBzF)b^Z7C; z5d7-0w(drD@T-x0?M@y|u^|sa&@m?QYWG*m5+w=lnqN-Ylb4^7hM4;c;%Cdlw}mz^ zD|bh;<`WymQ*8i3ah31`Qi;)(=tFW@Prr`dxIe%NY@!cbF@?0L+6vyEIcmR7 zX5w+1>TybY75CQgIIfmGC;3|U@uxQ*1xKccSq_wYXFrXsP$;RP49V{K2`vpi&wcRJ+$oWNHDhXQBSSvpVeM^uSvK3`S_YQ%LWA zRk!?rWkpg?%$v>RxXc%;I=vjPuIMeBP%Llki?xPOUCDltoGd^dS0wiH~mY8fmT!jQgVG1qR>P&M3 z_$w}66q@Q`NeDFFZK za<`7}YTv!->Ld2@P2SG~+86fMQd&lfFwa%2wh`xX#i1Iuer{TtG$Ei>=PCN3g;3jg zskX(GGUM)>6R;am0lUk)@;Iidwar>L->}jM#%e0ZE(x6*LPwCp`jDo+*8*JdZ8dPr z3NSY0sT8@HO6GJu)-{jwg{rOq$&q`-2r1mLD_$8CNJs#?tYC0&Hni%0F7uz&&T>&< z`;%L2p*HWttXu3(ciLooit_&TUcX#DJctP{<=Xks92|&CD6O28aHKb7uvVD|D}DIJ zzo*ZvMrg1&PK#B;TQztln3dXGEgQDmkaWYFn*?M2QgO9N1u*rbvX?MqA0ez&b`mND zzsT_e@Q+z?^Zwe%bzoibjY#3|zGci_HZ@)MO&@fBmYkf9uq5L?44*?ngXzQ3Y8iZt zH^h~)69D=)IcBBJL-vQeK&bF3%h*=2eiBG6m@oQ@Zu-(h?SfK`Ws5H>WfiZ-IJHh{ zBn9r97^=kh-F0FiM7QuQhp|tI53fr)iz0}UH7ij>_8_+dyfP$3S?(egNB|U>v@PNCGhz6TH5}Nf$~oYUxzyZ(L60d0ckv#Wyw*BnI}()LJ~@sEq}!l{5|0i zmx6D}E?fWMn$8kHA~Rc0-rq*`*u`Mf_1AX-Hk z;W+%e*_7fb zWaj8;oHa4vA6x_5qJ=)IWDDgnEBif>3YlTVYT+k=Zy&~S)BjK^{KNGi!Eq#Pm`c)C zXL|0o6;G>}23_oI5_`FiGiG+b2mvtt1$h4+naOBmsioKCv7lJ@%PlDHZp$0&ch3*0 zWHc%U@!)%IGK{pm4?~6vxcTZZtyjvOU{jYyx_YZiYP3P?GRsSvU9?hbErkSwtUbPyf$f2104^JgUIZK5V zJT58#nEl_1f|y7#%@p(U*d4e(qbI{LirNiX#->~uvEA`N2{*@^BY0%p5`lT9k3C= zfZRW`pVw3h$#M9@KNV8Hm1G@cwFa*MLID{Ffg38J)~l(4~#UqO%vqZss>|gsSi^$(!_Q8rDq*K91$YMT_MB~ zij!U}HH}=}3K=YF2 znoq?SK|(@GqOGB3y1&tH*WEpiHOVh6L9HuFkgk{W4O}$nwSD!N?hXBaV&{=JO$ll>}=`tPv^aJfICC+>A z%~NC`(|1+2XG6FKEt-GZ6@E@Z7O>&KuQmUk@%p`EZmuPPgSZP3#>#9L)BhhQKulC? so*&$T*fP{m;$3m^V4e>s6U_c;XuDw+b2%*Ef`s^KYwBy1soRD952wL<$N&HU literal 0 HcmV?d00001 diff --git a/docs/security.adoc b/docs/security.adoc index 4b40250..49d78e2 100644 --- a/docs/security.adoc +++ b/docs/security.adoc @@ -1,100 +1,42 @@ -## Securing Quarkus APIs with Keycloak +## Securing Quarkus APIs -This exercise demonstrates how your Quarkus applications can use https://keyloak.org[Keycloak] to protect your JAX-RS applications using _bearer token authorization_, where these tokens are issued by a Keycloak Server. +Bearer Token Authorization is the process of authorizing HTTP requests based on the existence and validity of a bearer token representing a subject and her access context, where the token provides valuable information to determine the subject of the call as well whether or not a HTTP resource can be accessed. This is commonly used in OAuth-based identity and access management systems like https://keycloak.org[Keycloak], a popular open source project. In this exercise we'll show you how to use https://github.com/eclipse/microprofile-jwt-auth/releases/download/1.1.1/microprofile-jwt-auth-spec.pdf[Microprofile JSON Web Token (JWT) RBAC], https://keyloak.org[Keycloak] and https://en.wikipedia.org/wiki/OAuth[OAuth] in your Quarkus applications. -Bearer Token Authorization is the process of authorizing HTTP requests based on the existence and validity of a bearer token representing a subject and her access context, where the token provides valuable information to determine the subject of the call as well whether or not a HTTP resource can be accessed. +## Add Keycloak + JWT to Quarkus -Keycloak is a OAuth 2.0 compliant Authorization Server, capable of issuing access tokens so that you can use them to access protected resources. We are not going to enter into the details on what OAuth 2.0 is and how it works but give you a guideline on how to use OAuth 2.0 in your JAX-RS applications using the Quarkus Keycloak Extension. - -If you are already familiar with Keycloak, you’ll notice that the extension is basically another adapter implementation but specific for Quarkus applications. Otherwise, you can find more information in Keycloak documentation. - -## Add Keycloak to Quarkus - -Like other exercises, we'll need another extension to enable the use of Keycloak. Install it with: +Like other exercises, we'll need another extension to enable the use of Keycloak and MicroProfile JWT. Install them with: [source,sh,role="copypaste"] ---- -mvn quarkus:add-extension -Dextensions="keycloak" +mvn quarkus:add-extension -Dextensions="keycloak, jwt" ---- -This will add the necessary entries in your `pom.xml` to bring in the Keycloak extension which is an implementation of a Keycloak Adapter for Quarkus applications and provides all the necessary capabilities to integrate with a Keycloak Server and perform bearer token authorization. +This will add the necessary entries in your `pom.xml` to bring in the Keycloak and JWT extensions. -## Create secured endpoints +## Configure Quarkus for MicroProfile JWT -Create a new class in the `org.acme.people.rest` package called `SecuredResource` with the following code which will create **three new secured endpoints** all beginning with `/secured`: - -[source,java,role="copypaste"] ----- -package org.acme.people.rest; - -import javax.annotation.security.RolesAllowed; -import javax.inject.Inject; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MediaType; - -import org.jboss.resteasy.annotations.cache.NoCache; -import org.keycloak.KeycloakSecurityContext; - -@Path("/secured") -public class SecuredResource { - - @Inject - KeycloakSecurityContext keycloakSecurityContext; // <1> - - @GET - @Path("/me") // <2> - @RolesAllowed("user") - @Produces(MediaType.APPLICATION_JSON) - @NoCache - public User me() { - return new User(keycloakSecurityContext); - } - - @GET - @Path("/admin") // <3> - @RolesAllowed("admin") - @Produces(MediaType.TEXT_PLAIN) - public String admin() { - return "granted"; - } - - - @GET - @Path("/confidential") // <4> - @Produces(MediaType.TEXT_PLAIN) - public String confidential() { - return "confidential"; - } - - public class User { - - private final String userName; - - User(KeycloakSecurityContext securityContext) { - this.userName = securityContext.getToken().getPreferredUsername(); - } - - public String getUserName() { - return userName; - } - } -} ----- -<1> The `KeycloakSecurityContext` is an object produced by the Keycloak extension that you can use to obtain information from tokens sent to your application. In the source code above we are using this object to access the token representation and obtain the username of the user represented by the token. -<2> Here we are using a `@RolesAllowed` annotation for the `/secured/me` endpoint to make sure that only users granted with the `user` role (i.e. are logged in) can access the endpoint. -<3> For the `/secured/admin` we only want administrators (those granted the `admin` role in our identity management system) to be able to access -<4> For the `/api/confidential` there is no explicit access control defined to this endpoint. The Keycloak extension will enforce access to this endpoint based on the policies defined in the Keycloak Server. For now, don’t worry about how the extension enforces access to `/api/confidential`. Just keep in mind that there is some configuration that we need to define to make this happen. - -## Configuring using the application.properties file - -The Keycloak extension allows you to define the adapter configuration using either the `application.properties` file or using a `keycloak.json`. Open up your `application.properties` file and add the following configuration for Keycloak: +Some configuration of the extensions is required. Add this to your `application.properties`: [source,none,role="copypaste"] ---- -quarkus.keycloak.realm=quarkus # <1> -quarkus.keycloak.auth-server-url=http://{{ KEYCLOAK_URL }}/auth +mp.jwt.verify.publickey.location=META-INF/resources/publicKey.pem # <1> +mp.jwt.verify.issuer=https://quarkus.io/using-jwt-rbac # <2> +quarkus.smallrye-jwt.auth-mechanism=MP-JWT # <3> +quarkus.smallrye-jwt.realm-name=quarkus + +---- +<1> Sets public key location for JWT authentication. This file has been created for you. +<2> Issuer URL. This must match the incoming JWT `iss` _claims_ or else authentication fails. +<3> Sets authentication mechanism name to `MP-JWT`, the MicroProfile JWT RBAC specification standard name for the token based authentication mechanism. + +## Configuring Keycloak + +Next, add these to your `application.properties` for Keycloak: + +[source,none,role="copypaste"] +---- +quarkus.keycloak.realm=quarkus +quarkus.keycloak.auth-server-url={{ KEYCLOAK_URL }}/auth quarkus.keycloak.resource=backend-service quarkus.keycloak.bearer-only=true quarkus.keycloak.credentials.secret=secret @@ -110,9 +52,118 @@ We are using the same Keycloak instance that we use for Eclipse Che, and have pr For more details about this file and all the supported options, please take a look at https://www.keycloak.org/docs/latest/securing_apps/index.html#_java_adapter_config[Keycloak Adapter Config]. +## Create secured endpoints + +Create a new class in the `org.acme.people.rest` package called `SecuredResource` with the following code which will create **four new secured endpoints** all beginning with `/secured`: + +[source,java,role="copypaste"] +---- +package org.acme.people.rest; + +import java.security.Principal; +import java.util.Optional; + +import javax.annotation.security.RolesAllowed; +import javax.enterprise.context.RequestScoped; +import javax.inject.Inject; +import javax.json.JsonString; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.SecurityContext; + +import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.Claims; +import org.eclipse.microprofile.jwt.JsonWebToken; +import org.jboss.resteasy.annotations.cache.NoCache; +import org.keycloak.KeycloakSecurityContext; + +@Path("/secured") +@RequestScoped // <1> +public class SecuredResource { + + @Inject + KeycloakSecurityContext keycloakSecurityContext; // <2> + + @Inject + JsonWebToken jwt; // <3> + + @Inject + @Claim(standard = Claims.iss) + Optional issuer; // <4> + + @GET + @Path("/me/jwt") + @PermitAll + @Produces(MediaType.TEXT_PLAIN) + public String meJwt(@Context SecurityContext ctx) { // <5> + Principal caller = ctx.getUserPrincipal(); + String name = caller == null ? "anonymous" : caller.getName(); + boolean hasJWT = jwt != null; + + final StringBuilder helloReply = new StringBuilder(String.format("hello %s, isSecure: %s, authScheme: %s, hasJWT: %s\n", name, ctx.isSecure(), ctx.getAuthenticationScheme(), hasJWT)); + if (hasJWT && (jwt.getClaimNames() != null)) { + helloReply.append("Injected issuer: [" + issuer.get() + "]\n"); + jwt.getClaimNames().forEach(n -> { + helloReply.append("\nClaim Name: [" + n + "] Claim Value: [" + jwt.getClaim(n) + "]"); + }); + } + return helloReply.toString(); + } + + @GET + @Path("/me") // <5> + @RolesAllowed("user") + @Produces(MediaType.APPLICATION_JSON) + @NoCache + public User me() { + return new User(keycloakSecurityContext); + } + + @GET + @Path("/admin") // <6> + @RolesAllowed("admin") + @Produces(MediaType.TEXT_PLAIN) + public String admin() { + return "granted"; + } + + + @GET + @Path("/confidential") // <7> + @Produces(MediaType.TEXT_PLAIN) + public String confidential() { + return "confidential"; + } + + public class User { // <8> + + private final String userName; + + User(KeycloakSecurityContext securityContext) { + this.userName = securityContext.getToken().getPreferredUsername(); + } + + public String getUserName() { + return userName; + } + } +} +---- +<1> Adds a `@RequestScoped` as Quarkus uses a default scoping of `ApplicationScoped` and this will produce undesirable behavior since JWT claims are naturally request scoped. +<2> The `KeycloakSecurityContext` is an object produced by the Keycloak extension that you can use to obtain information from tokens sent to your application. +<3> `@JsonWebToken` provides access to the claims associated with the current authenticated JWT token. +<4> When using JWT Authentication, claims encoded in tokens can be `@Inject` ed into your class for convenient access. +<5> The `/me` and `/me/jwt` endpoints demonstrate how to access the security context for Quarkus apps secured with JWT or Keycloak. In the first one we are using a `@RolesAllowed` annotation to make sure that only users granted with the `user` role (i.e. are logged in) can access the endpoint. The `/me/jwt` shows how to access claims. +<6> For the `/secured/admin` we only want administrators (those granted the `admin` role in our identity management system) to be able to access +<7> For the `/api/confidential` there is no explicit access control defined to this endpoint. The Keycloak extension will enforce access to this endpoint based on the policies defined in the Keycloak Server. For now, don’t worry about how the extension enforces access to `/api/confidential`. Just keep in mind that there is some configuration that we need to define to make this happen. +<8> Simple POJO to encapsulate the data model of a Keycloak user. + ## Rebuild and redeploy app -First, re-build the app using the command palette and selecting **Build Executable JAR**. Once that's done, run the following command to re-deploy: +First, re-build the app using the command palette and selecting **Create Executable JAR**. Once that's done, run the following command to re-deploy: [source,sh,role="copypaste"] ---- @@ -139,51 +190,47 @@ Get a token for user `alice` with this command: [source,sh,role="copypaste"] ---- export ALICE_TOKEN=$(\ - curl -X POST http://{{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ + curl -X POST {{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ --user backend-service:secret \ -H 'content-type: application/x-www-form-urlencoded' \ -d 'username=alice&password=alice&grant_type=password' | jq --raw-output '.access_token' \ ) + echo $ALICE_TOKEN ---- -This issues a `curl` command to Keycloak (using `backend-service` credentials which is a special user that is allowed acess to the Keycloak REST API), and fetches a token for Alice using their credentials. You can see the value of this token: - -[source,sh,role="copypaste"] ----- -echo $ALICE_TOKEN ----- +This issues a `curl` command to Keycloak (using `backend-service` credentials which is a special user that is allowed acess to the Keycloak REST API), and fetches a token for Alice using their credentials. Any user is allowed to access the `/secured/me` endpoint which basically returns a JSON payload with personal details about the user that's part of the `KeycloakSecurityContext` object. -[NOTE] -==== -There are other APIs you can use if you try to auto-complete the method name using Che, e.g. `getBirthDate()` or `getPicture()`. Place the cursor just after `securityContext.getToken().` and press CTRL-SPACE to see them: - -::img -==== - -Try out the secured API as Alice: +Try out the Keycloak-secured API as Alice: [source,sh,role="copypaste"] ---- -curl -v -X GET \ +curl -X GET \ http://$(oc get route people -o=go-template --template='{{ .spec.host }}')/secured/me \ -H "Authorization: Bearer $ALICE_TOKEN" ---- You should see: -[source,none] +[source,json] ---- -TODO: OUTPUT +{"userName":"alice"} ---- +[NOTE] +==== +There are other APIs you can use if you try to auto-complete the method name using Che, e.g. `getBirthDate()` or `getPicture()`. Place the cursor just after `securityContext.getToken().get` and press CTRL-SPACE to see them: + +image::secapis.png[apis, 800] +==== + ### Test Admin The `/secured/admin` endpoint can only be accessed by users with the `admin` role. If you try to access this endpoint with the previously issued access token, you should get a 403 response from the server. Try it: [source,sh,role="copypaste"] ---- -curl -v -X GET \ +curl -X GET \ http://$(oc get route people -o=go-template --template='{{ .spec.host }}')/secured/admin \ -H "Authorization: Bearer $ALICE_TOKEN" ---- @@ -192,7 +239,7 @@ You should see: [source,none] ---- -TODO: OUTPUT +Access forbidden: role not allowed ---- Failed as expected! Obtain an Admin token: @@ -200,7 +247,7 @@ Failed as expected! Obtain an Admin token: [source,sh,role="copypaste"] ---- export ADMIN_TOKEN=$(\ - curl -X POST http://{{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ + curl -X POST {{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ --user backend-service:secret \ -H 'content-type: application/x-www-form-urlencoded' \ -d 'username=admin&password=admin&grant_type=password' | jq --raw-output '.access_token' \ @@ -208,9 +255,10 @@ export ADMIN_TOKEN=$(\ ---- And try again with your new token: + [source,sh,role="copypaste"] ---- -curl -v -X GET \ +curl -X GET \ http://$(oc get route people -o=go-template --template='{{ .spec.host }}')/secured/admin \ -H "Authorization: Bearer $ADMIN_TOKEN" ---- @@ -219,7 +267,7 @@ You should see: [source,none] ---- -TODO: OUTPUT +granted ---- Success! @@ -237,11 +285,14 @@ curl -v -X GET \ -H "Authorization: Bearer $ADMIN_TOKEN" ---- -You should see: +You should see in the returned HTTP headers: [source,none] ---- -TODO: output +< HTTP/1.1 403 Forbidden +< Content-Length: 0 +< Date: Mon, 15 Jul 2019 14:13:27 GMT +< Set-Cookie: 199a0e26f45fa42c8974157b896962e3=d0ea1fac5248f71f70eee9941b4902f1; path=/; HttpOnly ---- Failed as expected! @@ -251,7 +302,7 @@ To access the confidential endpoint, you should obtain an access token for user [source,sh,role="copypaste"] ---- export JDOE_TOKEN=$(\ - curl -X POST http://{{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ + curl -X POST {{KEYCLOAK_URL}}/auth/realms/quarkus/protocol/openid-connect/token \ --user backend-service:secret \ -H 'content-type: application/x-www-form-urlencoded' \ -d 'username=jdoe&password=jdoe&grant_type=password' | jq --raw-output '.access_token' \ @@ -262,7 +313,7 @@ And access the confidential endpoint with your new token: [source,sh,role="copypaste"] ---- -curl -v -X GET \ +curl -X GET \ http://$(oc get route people -o=go-template --template='{{ .spec.host }}')/secured/confidential \ -H "Authorization: Bearer $JDOE_TOKEN" ---- @@ -271,28 +322,52 @@ You should see: [source,none] ---- -TODO: OUTPUT +confidential ---- -Success! +Success! Even though our code did not explicitly protect the `/secured/confidential` endpoint, we can protect arbitrary URLs in Quarkus apps when using Keycloak and MicroProfile JWT. + +### Test JWT Authentication + +Use Alice's token to access the JWT endpoint: + +[source,sh,role="copypaste"] +---- +curl -X GET \ + http://$(oc get route people -o=go-template --template='{{ .spec.host }}')/secured/me/jwt \ + -H "Authorization: Bearer $ALICE_TOKEN" +---- + +You should see: + +[source,none] +---- +hello alice, isSecure: false, authScheme: MP-JWT, hasJWT: true +Injected issuer: ["http://keycloak-che.apps.cluster-orlando-c811.orlando-c811.openshiftworkshop.com/auth/realms/quarkus"] + +Claim Name: [sub] Claim Value: [eb4123a3-b722-4798-9af5-8957f823657a] +Claim Name: [email_verified] Claim Value: [false] +Claim Name: [raw_token] Claim Value: [omitted][ +Claim Name: [iss] Claim Value: [http://keycloak-che.apps.cluster-orlando-c811.orlando-c811.openshiftworkshop.com/auth/realms/quarkus] +Claim Name: [groups] Claim Value: [[]] +Claim Name: [typ] Claim Value: ["Bearer"] +Claim Name: [preferred_username] Claim Value: [alice] +Claim Name: [acr] Claim Value: [1] +Claim Name: [nbf] Claim Value: [0] +Claim Name: [realm_access] Claim Value: [{"roles":["user"]}] +Claim Name: [azp] Claim Value: [backend-service] +Claim Name: [auth_time] Claim Value: [0] +Claim Name: [scope] Claim Value: ["email profile"] +Claim Name: [exp] Claim Value: [1563210121] +Claim Name: [session_state] Claim Value: ["816e22c9-5dcb-4b8a-b90f-005b25e145e1"] +Claim Name: [iat] Claim Value: [1563209821] +Claim Name: [jti] Claim Value: [5010b2eb-bb49-4f25-94e4-309d87a041b4] +---- + +As you can see, the JSON Web Token (generated via Keycloak) was used to authenticate Alice, and show all of the various claims encoded in the JWT Token. You are also able to access claims using standard `@Inject` fields which are populated with claims when a request comes in (it can be seen above in the `Injected issuer` line near the beginning). + +You can try it again using other users' tokens (just run the same `curl` again and replace `ALICE_TOKEN` with `JDOE_TOKEN` or `ADMIN_TOKEN` which you set up earlier). ## Congratulations! -This exercise demonstrated how your Quarkus application can use Keycloak to protect your JAX-RS applications using bearer token authorization, where these tokens are issued by a Keycloak Server. - -Quarkus has a number of other security-related features, such as: - -* JSON Web Token support for Access Control - Quarkus application can utilize the https://microprofile.io/project/eclipse/microprofile-jwt-auth[MicroProfile JWT RBAC] to provide secured access to the JAX-RS endpoints. See https://quarkus.io/guides/jwt-guide[this guide] for more detail. - -* Quarkus comes with integration with the https://docs.jboss.org/author/display/WFLY/WildFly+Elytron+Security[Elytron security subsystem] to allow for RBAC based on the common security annotations `@RolesAllowed`, `@DenyAll`, `@PermitAll` on REST endpoints. See https://quarkus.io/guides/security-guide[this guide] for details. - - - - - - - - - - - +This exercise demonstrated how your Quarkus application can use MicroProfile JWT in conjunction with Keycloak to protect your JAX-RS applications using JWT claims and bearer token authorization. diff --git a/files/quarkus-realm.json b/files/quarkus-realm.json new file mode 100644 index 0000000..f4a5b4d --- /dev/null +++ b/files/quarkus-realm.json @@ -0,0 +1,1619 @@ +{ + "id" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "realm" : "quarkus", + "notBefore" : 0, + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 3000, + "accessTokenLifespanForImplicitFlow" : 9000, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "enabled" : true, + "sslRequired" : "none", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "3fc80564-13ac-4e7b-9986-322f571e82bc", + "name" : "confidential", + "composite" : false, + "clientRole" : false, + "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "attributes" : { } + }, { + "id" : "39eb64c8-66a9-4983-9c81-27ea7e2f6273", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "attributes" : { } + }, { + "id" : "8c1abe12-62fe-4a06-ae0d-f5fb67dddbb0", + "name" : "admin", + "composite" : false, + "clientRole" : false, + "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "attributes" : { } + }, { + "id" : "5afce544-6a3c-495f-b805-fd737cf5081e", + "name" : "user", + "composite" : false, + "clientRole" : false, + "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "attributes" : { } + }, { + "id" : "bc431d62-a80a-425b-961a-0fb3fc59006d", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b", + "attributes" : { } + } ], + "client" : { + "realm-management" : [ { + "id" : "7db1f38d-d436-4725-93fd-030a3bbe628e", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "1163b9bd-7319-4154-a25f-0101b2548d21", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "73d0a556-072b-404f-bf8e-10e2544c8c27", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "7e727e28-2095-4443-b2da-865e684f2308", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "df9e5352-f835-4467-bcaf-cb1b5f55c1ec", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "fa77909a-32a3-41ae-9983-2b92ae03080c", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "a8780507-dc72-4433-8b95-b8e4f3c37d0e", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "f7f4697a-3977-42f6-af86-9bb006cf4d04", + "name" : "realm-admin", + "description" : "${role_realm-admin}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "impersonation", "manage-identity-providers", "view-identity-providers", "view-realm", "query-users", "manage-clients", "manage-events", "manage-realm", "view-authorization", "manage-authorization", "view-users", "create-client", "query-clients", "query-groups", "manage-users", "view-clients", "view-events", "query-realms" ] + } + }, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "ca7dc1ce-a981-4efe-b3f0-a7192b6d3943", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "a0ab4faa-00a9-4f52-ac9f-8e764b6a8126", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "0b4ed5e0-eceb-4d81-ba05-fa67022abe59", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "c10336be-06f3-40ef-bef5-28d8c9b8a1e2", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "1a1ffadc-11d5-44ea-bac0-d94372c8ae5c", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-groups", "query-users" ] + } + }, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "5ba9a1a3-9027-4531-8253-b91f6058513c", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "b4fba807-7a7e-4e3e-bd31-45703305a9e3", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "c9384254-0af3-434c-b4ed-7c94f59a8247", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "9a0022f2-bd58-4418-828c-a8e7abe3346b", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "83df8311-4366-4d22-9425-eccc343faa3f", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + }, { + "id" : "e81bf277-047f-4bdd-afd6-59e2016c5066", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748", + "attributes" : { } + } ], + "security-admin-console" : [ ], + "admin-cli" : [ ], + "backend-service" : [ { + "id" : "df147a91-6da7-4bbc-866c-f30cf99b2637", + "name" : "uma_protection", + "composite" : false, + "clientRole" : true, + "containerId" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc", + "attributes" : { } + } ], + "broker" : [ { + "id" : "d36865b0-7ade-4bcd-a7dc-1dacbd80f169", + "name" : "read-token", + "description" : "${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "53d4fe53-a039-471e-886a-28eddc950e95", + "attributes" : { } + } ], + "account" : [ { + "id" : "539325a0-d9b3-4821-97ee-d42999296b62", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d", + "attributes" : { } + }, { + "id" : "e4af836c-c884-4a57-8b1d-fb673b0fe3a5", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } + }, + "clientRole" : true, + "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d", + "attributes" : { } + }, { + "id" : "35d1c998-bcae-4ab1-a026-4c67bff49a98", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d", + "attributes" : { } + } ] + } + }, + "groups" : [ ], + "defaultRoles" : [ "uma_authorization", "offline_access" ], + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clients" : [ { + "id" : "e55e1234-38fa-432d-8d90-39f5e024688d", + "clientId" : "account", + "name" : "${client_account}", + "baseUrl" : "/auth/realms/quarkus/account", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "0136c3ef-0dfd-4b13-a6d0-2c8b6358edec", + "defaultRoles" : [ "view-profile", "manage-account" ], + "redirectUris" : [ "/auth/realms/quarkus/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "e9cc41a2-8e35-4d5e-949e-4879880c2ddb", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "a951803a-79c7-46a6-8197-e32835286971", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "53d4fe53-a039-471e-886a-28eddc950e95", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "e1f7edd7-e15c-43b4-8736-ff8204d16836", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc", + "clientId" : "backend-service", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : true, + "authorizationServicesEnabled" : true, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : -1, + "protocolMappers" : [ { + "id" : "3eac903f-c16b-4a78-a7e8-eb8f4d402b71", + "name" : "Client ID", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "clientId", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "clientId", + "jsonType.label" : "String" + } + }, { + "id" : "8422cefe-7f42-4f3b-abad-5f06f7d4b748", + "name" : "Client IP Address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "clientAddress", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "clientAddress", + "jsonType.label" : "String" + } + }, { + "id" : "988e47d6-2055-45eb-82d6-0b8b25c629fc", + "name" : "Client Host", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "clientHost", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "clientHost", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ], + "authorizationSettings" : { + "allowRemoteResourceManagement" : true, + "policyEnforcementMode" : "ENFORCING", + "resources" : [ { + "name" : "Confidential Resource", + "ownerManagedAccess" : false, + "attributes" : { }, + "_id" : "99856673-24fa-431b-9e26-93e2113f69db", + "uris" : [ "/secured/confidential" ] + } ], + "policies" : [ { + "id" : "c72b05ee-ee80-4a97-acf2-ca329a44aae1", + "name" : "Confidential Policy", + "type" : "js", + "logic" : "POSITIVE", + "decisionStrategy" : "UNANIMOUS", + "config" : { + "code" : "var identity = $evaluation.context.identity;\n\nif (identity.hasRealmRole(\"confidential\")) {\n$evaluation.grant();\n}" + } + }, { + "id" : "976c6965-9684-42ac-a928-fcad639e5deb", + "name" : "Confidential Permission", + "type" : "resource", + "logic" : "POSITIVE", + "decisionStrategy" : "UNANIMOUS", + "config" : { + "resources" : "[\"Confidential Resource\"]", + "applyPolicies" : "[\"Confidential Policy\"]" + } + } ], + "scopes" : [ ] + } + }, { + "id" : "376bd940-e50a-4495-80fc-9c6c07312748", + "clientId" : "realm-management", + "name" : "${client_realm-management}", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "c41b709a-a012-4c69-89d7-4f926dba0619", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "a8732cac-ae0f-44ec-b7f3-bd2c41eff13c", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "baseUrl" : "/auth/admin/quarkus/console/index.html", + "surrogateAuthRequired" : false, + "enabled" : true, + "clientAuthenticatorType" : "client-secret", + "secret" : "e571b211-2550-475d-b87f-116ff54091ee", + "redirectUris" : [ "/auth/admin/quarkus/console/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "280528ca-5e96-4bb9-9fc0-20311caac32d", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "520cc3ef-2c6b-4d84-bcde-8c063241f4bd", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "c1d3bd07-0a5f-4f4f-b381-c58a7b723029", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", + "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "19920c96-a383-4f35-8ee9-27833263cf03", + "name" : "email", + "description" : "OpenID Connect built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "36a0adf0-6c25-419f-98d7-cdeada8661aa", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + }, { + "id" : "b0c39901-5e5d-4436-b685-908bb90ea1d9", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + } ] + }, { + "id" : "55b3ee1c-cbf9-4526-93d7-aa56a9c5f1cb", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "59128144-a21a-4744-bb55-e66ff0503b18", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + }, { + "id" : "69351a63-7d6e-45d0-be47-088c83b20fdb", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "multivalued" : "true", + "user.attribute" : "foo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "3f190f54-8e3a-4c82-a799-bd12ddc475b2", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" + } + }, { + "id" : "defa3480-5368-4f34-8075-49fb982b71b3", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "069ae414-9e98-4612-a3d6-e8b5a1fa841d", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "cea58e24-d0e0-4cc6-9e34-7b3bf7d6d85b", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "b7321e2e-dd8e-41cf-a527-c765155c3f78", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "1d4d3df5-7af5-488e-8477-0ad7cb74d50a", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" + } + }, { + "id" : "1a5e26d6-211e-4f8a-b696-0ea9577db25a", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + }, { + "id" : "18971685-6dd7-420f-9c09-879c4f2d54d8", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "String" + } + }, { + "id" : "b970d96b-0156-4db0-9beb-9c84c173e619", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "50287033-df21-45c6-aa46-c3060e6f9855", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + }, { + "id" : "3dc6b97e-7063-4077-98d1-0cacf9029c7b", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "3fb9391b-376c-42ef-b012-4df461c617cc", + "name" : "middle name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "83f7fc4a-5386-4f86-a103-6585e138b61d", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + }, { + "id" : "8ef177b3-f485-44b1-afee-1901393b00c7", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "e994cbc7-2a1a-4465-b7b7-12b35b4fe49e", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "abaa4c9e-1fa2-4b45-a1bb-b3d650de9aca", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "bf21b514-81fd-4bbe-9236-bab5fcf54561", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "254f8de4-08e7-4d3d-a87f-4b238f0f922b", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "7934bf2a-cfc3-4b2d-a5cb-287f3ed2a977", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "f3dc793d-6011-4861-b538-399dde5434c0", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" + }, + "protocolMappers" : [ { + "id" : "22eeabf8-a3c3-4026-a351-367f8ace7927", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "f72c1acd-c367-41b1-8646-b6bd5fff3e3f", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "cd8e589e-5fa7-4dae-bf6e-e8f6a3fd3cff", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + }, { + "id" : "708b19d1-0709-4278-b5a1-bcbeec11f51a", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + }, { + "id" : "25e97210-30c7-4f35-be11-407f1fa674cb", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + } ] + }, { + "id" : "52618957-a4e8-4c6f-a902-217f2c41a2fd", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" + }, + "protocolMappers" : [ { + "id" : "a66ddadf-312f-491f-993c-fa58685815c6", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "xXSSProtection" : "1; mode=block", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "a7679218-373d-48ca-88f8-429985faeae3", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper" ] + } + }, { + "id" : "2ebf6f9f-4bfc-44b9-ad7c-282f2274d35b", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "552093c3-0a0a-4234-ad7c-ae660f0f0db1", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "8f27cf74-cee7-4a73-851f-982ee45157ca", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + }, { + "id" : "ff570525-6c96-4500-9d73-c02e708b39de", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "b52284eb-123a-4718-aac9-857530a24a9b", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "2b8c0a6d-d5c0-4ea2-8a9c-4843d3e04ec6", + "name" : "Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "bf59de5a-2c93-43cc-a9aa-03be0129fe53", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper" ] + } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "b3efd9cc-28b6-4404-82af-8a48a966b8ff", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEowIBAAKCAQEAn5T13suF8mlS+pJXp0U1bto41nW55wpcs+Rps8ZVCRyJKWqzwSCYnI7lm0rB2wBpAAO4OPoj1zlmVoFmBPsDU9Xf7rjsJb5LIzIQDCZY44aSDZt6RR+gakPiQvlzHyW/RozYpngDJF7TsTD7rdRF1xQ4RprfBF8fwK/xsU7pxbeom5xDHZhz3fiw8s+7UdbmnazDHfAjU58aUrLGgVRfUsuoHjtsptYlOIXEifaeMetXZE+HhqLYRHQPDap5fbBJl773Trosn7N9nmzN4x1xxGj9So21WC5UboQs9sAIVgizc4omjZ5Y4RN9HLH7G4YwJctNntzmnJhDui9zAO+zSQIDAQABAoIBADi+F7rTtVoft0Cfnok8o6Y58/HVxHdxiMryUd95iy0FN4RBi48FTx6D9QKFz25Ws/8sU2n3D51srIXf1u24b1N0/f39RQKaqk7mcyxOylaEuBQcj5pah4ihgKd92UBfBKdKV5LBo6RgD3e2yhbiHr8+UlBQqzH7vOef6Bm6zIbfmi3N88swAJhP0YizRZFklsbmLsK6nkwyro00CHJvPVKSBbM+ad+/zIBsLw56MvNngB5TuFguUgoljd6M1T2z4utmZGlTUqrfE1onAVLJZoGnRohyIr7dJEg6YxWR70PxsgmkDKyeRvet9P1trO0n+OSprusfrC3cHJStabap1V0CgYEA1A/CtsqTnjdYYsB19eumZgdpzUgNc/YEAzZ/OWb8yTLoB2ncci+63A1rXHUXAqJFY7vtjn5mxv7SuASNbUrzq+6KfZvC1x9XEtnczqT/ypunNfxmIZuj8Nuu6vtURguZ8kPPwdkI8toTizRFeRE5ZDBvoQryiEVYugfHaHT5vzsCgYEAwKWODwquI0Lv9BuwdNVrBXQpkKh3ZfYOA7i9xvhxlM7xUu8OMCwwCPn3r7vrW5APjTqX4h330mJ44SLEs+7gbCUs4BbJBLA6g0ChlHa9PTkxp6tk2nDF/B34fxiZSRkE85L+d+at0Dc3hnlzLCJCzJawGpoPniPU9e4w0p4dN0sCgYAsGnMGjS8SUrRhJWHjGXVr9tK8TOXvXhULjgP7rj2Yoqu7Dvs4DFEyft/7RKbad2EzEtyfLA64CDtO5jN7rYDsGxpWcVSeZPg5BXJ0z8AbJTArfCjJiJMZ/rZsTIUEZFlKF2xYBolj6JLz+pUQTtK+0YwF1D8ItFN1rTR9twZSDQKBgQC6sPXNX+VH6LuPTjIf1x8CxwLs3EXxOpV0R9kp9GRl+HJnk6GlT30xhcThufQo5KAdllXQXIhoiuNoEoCbevhj9Vbax1oBQCNERSMRNEzKAx46xd9TzYwgeo7x5E3QR/3DaoVOfu+cY5ZcrF/PulgP2kxJS1mtQD5GIpGP2oinpwKBgGqiqTFPqRcelx76vBvTU+Jp1zM62T4AotbMrSQR/oUvqHe5Ytj/SbZx+wbbHAiyGgV700Mosyviik83YEAbR3kdOPjgYvAJJW2Y3jEMdQ7MwriXz8XLh5BGmYfVjkSOJXed9ua9WlYLKOJeXXv191BbDvrx5NXuJyVVU4vJx3YZ" ], + "certificate" : [ "MIICnTCCAYUCBgFp4EYIrjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdwcm90ZWFuMB4XDTE5MDQwMjIyNTYxOVoXDTI5MDQwMjIyNTc1OVowEjEQMA4GA1UEAwwHcHJvdGVhbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+U9d7LhfJpUvqSV6dFNW7aONZ1uecKXLPkabPGVQkciSlqs8EgmJyO5ZtKwdsAaQADuDj6I9c5ZlaBZgT7A1PV3+647CW+SyMyEAwmWOOGkg2bekUfoGpD4kL5cx8lv0aM2KZ4AyRe07Ew+63URdcUOEaa3wRfH8Cv8bFO6cW3qJucQx2Yc934sPLPu1HW5p2swx3wI1OfGlKyxoFUX1LLqB47bKbWJTiFxIn2njHrV2RPh4ai2ER0Dw2qeX2wSZe+9066LJ+zfZ5szeMdccRo/UqNtVguVG6ELPbACFYIs3OKJo2eWOETfRyx+xuGMCXLTZ7c5pyYQ7ovcwDvs0kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVtmRKDb4OK5iSA46tagMBkp6L7WuPpCWuHGWwobEP+BecYsShW7zP3s12oA8SNSwbhvu0CRqgzxhuypgf3hKQFVU153Erv4hzkj+8S0s5LR/ZE7tDNY2lzJ3yQKXy3Md7EkuzzvOZ50MTrcSKAanWq/ZW1OTnrtGymj5zGJnTg7mMnJzEIGePxkvPu/QdchiPBLqxfZYm1jsFGY25djOC3N/KmVcRVmPRGuu6D8tBFHlKoPfZYPdbMvsvs24aupHKRcZ+ofTCpK+2Qo8c0pSSqeEYHGmuGqC6lC6ozxtxSABPO9Q1R1tZBU7Kg5HvXUwwmoVS3EGub46YbHqbmWMLg==" ], + "priority" : [ "100" ] + } + }, { + "id" : "20460ca5-ec24-4a9b-839a-457743d3f841", + "name" : "hmac-generated", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "96afd00e-85cf-4d35-b18e-061d3813d8b2" ], + "secret" : [ "qBFGKdUGf6xDgKphnRfoFzIzaFHJW4bYnZ9MinPFzN38X5_ctq-2u1q5RdZzeJukXvk2biHB8_s3DxWmmLZFsA" ], + "priority" : [ "100" ], + "algorithm" : [ "HS256" ] + } + }, { + "id" : "4f02d984-7a23-4ce1-8591-848a71390efe", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "b04473d3-8395-4016-b455-19a9e951106b" ], + "secret" : [ "x68mMOVdz3qKWzltzReV0g" ], + "priority" : [ "100" ] + } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "d6c3e282-a738-4b8b-98c2-378b9faf8344", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "idp-email-verification", + "requirement" : "ALTERNATIVE", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 30, + "flowAlias" : "Verify Existing Account by Re-authentication", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "4855860b-4009-4f1b-ba6b-60581618ea62", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-otp-form", + "requirement" : "OPTIONAL", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "8a9872b0-65f1-47ff-9565-fa826ac64cd4", + "alias" : "browser", + "description" : "browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-spnego", + "requirement" : "DISABLED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "identity-provider-redirector", + "requirement" : "ALTERNATIVE", + "priority" : 25, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 30, + "flowAlias" : "forms", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "51b8ed14-62b6-49b3-b602-0b51508349e0", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : "client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-jwt", + "requirement" : "ALTERNATIVE", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-secret-jwt", + "requirement" : "ALTERNATIVE", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-x509", + "requirement" : "ALTERNATIVE", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "9b65133a-ee71-494a-a659-6804513fc30b", + "alias" : "direct grant", + "description" : "OpenID Connect Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "direct-grant-validate-password", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "requirement" : "OPTIONAL", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "f62bc4ad-25ac-4f83-963b-32820af3a683", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "1b423fe7-f312-404c-903b-f1260a77259b", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "requirement" : "ALTERNATIVE", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 30, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "9c9530b3-e3c6-481b-99e8-1461a9752e8e", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-otp-form", + "requirement" : "OPTIONAL", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "70fb94ac-354c-4629-a5fe-5135d0137964", + "alias" : "http challenge", + "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "no-cookie-redirect", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "basic-auth", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "basic-auth-otp", + "requirement" : "DISABLED", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-spnego", + "requirement" : "DISABLED", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "08292a4a-6722-4e33-a5d9-354c2628f567", + "alias" : "registration", + "description" : "registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "requirement" : "REQUIRED", + "priority" : 10, + "flowAlias" : "registration form", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "668dc4b6-fe1a-4d24-ab5b-bc76e20ac390", + "alias" : "registration form", + "description" : "registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-profile-action", + "requirement" : "REQUIRED", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-password-action", + "requirement" : "REQUIRED", + "priority" : 50, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-recaptcha-action", + "requirement" : "DISABLED", + "priority" : 60, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "a0e191f0-ce9a-4a75-b6e4-97332b05f7e5", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-credential-email", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-password", + "requirement" : "REQUIRED", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-otp", + "requirement" : "OPTIONAL", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "ad4beb21-8e9a-4fca-af41-0f757169f26c", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "25632f91-6071-423a-8e9c-7322cdc1b011", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" + } + }, { + "id" : "02d7f70b-1ebc-4e72-a65c-d94a600895ac", + "alias" : "review profile config", + "config" : { + "update.profile.on.first.login" : "missing" + } + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "terms_and_conditions", + "name" : "Terms and Conditions", + "providerId" : "terms_and_conditions", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "attributes" : { + "_browser_header.xXSSProtection" : "1; mode=block", + "_browser_header.xFrameOptions" : "SAMEORIGIN", + "_browser_header.strictTransportSecurity" : "max-age=31536000; includeSubDomains", + "permanentLockout" : "false", + "quickLoginCheckMilliSeconds" : "1000", + "_browser_header.xRobotsTag" : "none", + "maxFailureWaitSeconds" : "900", + "minimumQuickLoginWaitSeconds" : "60", + "failureFactor" : "30", + "actionTokenGeneratedByUserLifespan" : "300", + "maxDeltaTimeSeconds" : "43200", + "_browser_header.xContentTypeOptions" : "nosniff", + "offlineSessionMaxLifespan" : "5184000", + "actionTokenGeneratedByAdminLifespan" : "43200", + "_browser_header.contentSecurityPolicyReportOnly" : "", + "bruteForceProtected" : "false", + "_browser_header.contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "waitIncrementSeconds" : "60", + "offlineSessionMaxLifespanEnabled" : "false" + }, + "users" : [ { + "id" : "af134cab-f41c-4675-b141-205f975db679", + "username" : "admin", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "credentials" : [ { + "type" : "password", + "hashedSaltedValue" : "NICTtwsvSxJ5hL8hLAuleDUv9jwZcuXgxviMXvR++cciyPtiIEStEaJUyfA9DOir59awjPrHOumsclPVjNBplA==", + "salt" : "T/2P5o5oxFJUEk68BRURRg==", + "hashIterations" : 27500, + "counter" : 0, + "algorithm" : "pbkdf2-sha256", + "digits" : 0, + "period" : 0, + "createdDate" : 1554245879354, + "config" : { } + } ], + "disableableCredentialTypes" : [ "password" ], + "requiredActions" : [ ], + "realmRoles" : [ "admin", "user" ], + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "eb4123a3-b722-4798-9af5-8957f823657a", + "username" : "alice", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "credentials" : [ { + "type" : "password", + "hashedSaltedValue" : "A3okqV2T/ybXTVEgKfosoSjP8Yc9IZbFP/SY4cEd6hag7TABQrQ6nUSuwagGt96l8cw1DTijO75PqX6uiTXMzw==", + "salt" : "sl4mXx6T9FypPH/s9TngfQ==", + "hashIterations" : 27500, + "counter" : 0, + "algorithm" : "pbkdf2-sha256", + "digits" : 0, + "period" : 0, + "createdDate" : 1554245879116, + "config" : { } + } ], + "disableableCredentialTypes" : [ "password" ], + "requiredActions" : [ ], + "realmRoles" : [ "user" ], + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "1eed6a8e-a853-4597-b4c6-c4c2533546a0", + "username" : "jdoe", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "credentials" : [ { + "type" : "password", + "hashedSaltedValue" : "JV3DUNLjqOadjbBOtC4rvacQI553CGaDGAzBS8MR5ReCr7SwF3E6CsW3T7/XO8ITZAsch8+A/6loeuCoVLLJrg==", + "salt" : "uCbOH7HZtyDtMd0E9DG/nw==", + "hashIterations" : 27500, + "counter" : 0, + "algorithm" : "pbkdf2-sha256", + "digits" : 0, + "period" : 0, + "createdDate" : 1554245879227, + "config" : { } + } ], + "disableableCredentialTypes" : [ "password" ], + "requiredActions" : [ ], + "realmRoles" : [ "confidential", "user" ], + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "948c59ec-46ed-4d99-aa43-02900029b930", + "createdTimestamp" : 1554245880023, + "username" : "service-account-backend-service", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "service-account-backend-service@placeholder.org", + "serviceAccountClientId" : "backend-service", + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "offline_access" ], + "clientRoles" : { + "backend-service" : [ "uma_protection" ], + "account" : [ "view-profile", "manage-account" ] + }, + "notBefore" : 0, + "groups" : [ ] + } ], + "keycloakVersion" : "6.0.0", + "userManagedAccessAllowed" : false +} diff --git a/setup/preparelab.sh b/setup/preparelab.sh index ea4b5ed..8812e3d 100755 --- a/setup/preparelab.sh +++ b/setup/preparelab.sh @@ -252,18 +252,13 @@ SSO_TOKEN=$(curl -s -d "username=${KEYCLOAK_USER}&password=${KEYCLOAK_PASSWORD}& -X POST http://keycloak-che.${HOSTNAME_SUFFIX}/auth/realms/master/protocol/openid-connect/token | \ jq -r '.access_token') -# Import realm from -# https://raw.githubusercontent.com/quarkusio/quarkus-quickstarts/master/using-keycloak/config/quarkus-realm.json -TMPREALM=$(mktemp) -curl -s -o $TMPREALM https://raw.githubusercontent.com/quarkusio/quarkus-quickstarts/master/using-keycloak/config/quarkus-realm.json - -curl -v -H "Authorization: Bearer ${SSO_TOKEN}" -H "Content-Type:application/json" -d @${TMPREALM} \ +# Import realm +curl -v -H "Authorization: Bearer ${SSO_TOKEN}" -H "Content-Type:application/json" -d ../files/quarkus-realm.json \ -X POST http://keycloak-che.${HOSTNAME_SUFFIX}/auth/admin/realms -rm -f ${TMPREALM} - -# Create Che users +# Create Che users, let them view che namespace for i in {1..$USERCOUNT} ; do + oc adm policy add-role-to-user view user${i} -n che USERNAME=user${i} FIRSTNAME=User${i} LASTNAME=Developer